diff options
author | ichihlu <ichihlu@google.com> | 2020-12-26 13:42:57 +0000 |
---|---|---|
committer | ichihlu <ichihlu@google.com> | 2021-01-08 01:28:48 +0000 |
commit | d44cf0504567c5f7201565a39fd3864d3ce03470 (patch) | |
tree | 87f40a1a345b14ee789a96b98827d21920f01ab6 /sepolicy | |
parent | e58784d037cb8fd5841d9ae3ecb040f8af9b2223 (diff) | |
download | trusty-d44cf0504567c5f7201565a39fd3864d3ce03470.tar.gz |
Secure DPU: add securedpud daemon
1. Add daemon implementation
2. Update sepolicy
Bug: 176508588
Change-Id: I1186a205d60f1cf0e308d636f9828b249b5513f4
Diffstat (limited to 'sepolicy')
-rw-r--r-- | sepolicy/file_contexts | 1 | ||||
-rw-r--r-- | sepolicy/securedpud.te | 6 |
2 files changed, 7 insertions, 0 deletions
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index 3153bd1..7c72e1f 100644 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -2,6 +2,7 @@ /dev/vport3p1 u:object_r:rpmb_virt_device:s0 /dev/vport3p2 u:object_r:spi_virt_device:s0 /vendor/bin/dhcpclient u:object_r:dhcpclient_exec:s0 +/vendor/bin/securedpud u:object_r:securedpud_exec:s0 /vendor/bin/spiproxyd u:object_r:tee_exec:s0 /vendor/bin/storageproxyd u:object_r:tee_exec:s0 /data/vendor/var/run(/.*)? u:object_r:varrun_file:s0 diff --git a/sepolicy/securedpud.te b/sepolicy/securedpud.te new file mode 100644 index 0000000..3eae5e0 --- /dev/null +++ b/sepolicy/securedpud.te @@ -0,0 +1,6 @@ +type securedpud, domain; +type securedpud_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(securedpud) + +allow securedpud tee_device:chr_file rw_file_perms; |