trusty: Allow linking/reading TDP and TD

Background:
* storageproxyd needs to be able to create and read symlinks associated
  with TDP and TD.

08-07 08:13:44.868   750   750 W binder:750_2: type=1400 audit(0.0:18): avc:  denied  { create } for  name="0" scontext=u:r:tee:s0 tcontext=u:object_r:persist_ss_file:s0 tclass=lnk_file permissive=0
08-07 07:35:19.396   755   755 W binder:755_2: type=1400 audit(0.0:7): avc:  denied  { read } for  name="0" dev="sda1" ino=15 scontext=u:r:tee:s0 tcontext=u:object_r:persist_ss_file:s0 tclass=lnk_file permissive=0
08-07 08:34:24.956   742   742 W binder:742_2: type=1400 audit(0.0:8): avc:  denied  { read } for  name="persist" dev="dm-52" ino=406 scontext=u:r:tee:s0 tcontext=u:object_r:tee_data_file:s0 tclass=lnk_file permissive=0

Flag: EXEMPT resource only update
Bug: 357815590
Test: Tested by purging device and verifying fresh device
Change-Id: Ib239534bfb28d05de14095e84961ff0f84cde68d
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
This commit is contained in:
Donnie Pollitz 2024-08-05 13:12:19 +02:00
parent cae1a2aba4
commit cb18bb48d5

vendor/tee.te

@ -1,3 +1,4 @@
allow tee tee_persist_block_device:blk_file rw_file_perms; allow tee tee_persist_block_device:blk_file rw_file_perms;
allow tee tee_userdata_block_device:blk_file rw_file_perms; allow tee tee_userdata_block_device:blk_file rw_file_perms;
allow tee tee_data_file:lnk_file create; allow tee tee_data_file:lnk_file { create read };
allow tee persist_ss_file:lnk_file { create read };
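Review bot: the added lnk_file permissions map one-to-one onto the three avc denials quoted in the commit message (create and read on persist_ss_file, read on tee_data_file), so the grant is minimal for the observed failures; one thing to confirm before merging is whether storageproxyd ever replaces the symlink named "0" rather than creating it once, since that would additionally need unlink on persist_ss_file:lnk_file and would only surface as a further denial on a device that was not purged (the Test line covers a fresh device only). A one-line comment above the new `allow tee persist_ss_file:lnk_file { create read };` rule naming the consumer (storageproxyd) and the bug would also help the next reader, since tee.te otherwise gives no hint why the tee domain touches persist_ss_file.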