diff options
| author | android-build-team Robot <android-build-team-robot@google.com> | 2020-06-10 01:08:58 +0000 |
|---|---|---|
| committer | android-build-team Robot <android-build-team-robot@google.com> | 2020-06-10 01:08:58 +0000 |
| commit | d289ad3b14b3ca170cb91fda85bf13dd20870341 (patch) | |
| tree | 96d1cbd5def439186c8db234151d4dd07096a593 | |
| parent | 605e1c5ec6c12b52f4b26d8547b7789fc4e217d4 (diff) | |
| parent | 6342c22fd70eab05b887c5a069943dda9fc13d0b (diff) | |
| download | coral-sepolicy-d289ad3b14b3ca170cb91fda85bf13dd20870341.tar.gz | |
Snap for 6573866 from 6342c22fd70eab05b887c5a069943dda9fc13d0b to rvc-release
Change-Id: I8780a922a7e411ebbb5ca2542076495003ee4473
| -rw-r--r-- | vendor/google/file_contexts | 3 | ||||
| -rw-r--r-- | vendor/google/hal_rebootescrow_citadel.te | 17 | ||||
| -rw-r--r-- | vendor/qcom/common/file_contexts | 16 |
3 files changed, 28 insertions, 8 deletions
diff --git a/vendor/google/file_contexts b/vendor/google/file_contexts index 844e1fa..ba72269 100644 --- a/vendor/google/file_contexts +++ b/vendor/google/file_contexts @@ -3,7 +3,6 @@ /dev/ab-dram u:object_r:airbrush_device:s0 /dev/abc-pcie-dma u:object_r:airbrush_device:s0 /dev/abc-pcie-tpu_0 u:object_r:abc_tpu_device:s0 -/dev/access-kregistry u:object_r:rebootescrow_device:s0 /dev/access-metadata u:object_r:ramoops_device:s0 /dev/access-ramoops u:object_r:ramoops_device:s0 /dev/block/zram0 u:object_r:swap_block_device:s0 @@ -36,6 +35,7 @@ /vendor/bin/hw/android\.hardware\.keymaster@4\.1-service\.citadel u:object_r:hal_keymaster_citadel_exec:s0 /vendor/bin/hw/android\.hardware\.neuralnetworks@1\.2-service-noronha u:object_r:hal_neuralnetworks_darwinn_exec:s0 /vendor/bin/hw/android\.hardware\.power\.stats@1\.0-service\.pixel u:object_r:hal_power_stats_default_exec:s0 +/vendor/bin/hw/android\.hardware\.rebootescrow-service\.citadel u:object_r:hal_rebootescrow_citadel_exec:s0 /vendor/bin/hw/android\.hardware\.secure_element@1\.0-service\.st u:object_r:hal_secure_element_default_exec:s0 /vendor/bin/hw/android\.hardware\.usb@1\.2-service\.coral u:object_r:hal_usb_impl_exec:s0 /vendor/bin/hw/android\.hardware\.weaver@1\.0-service\.citadel u:object_r:hal_weaver_citadel_exec:s0 @@ -117,6 +117,7 @@ /data/vendor/hal_neuralnetworks_darwinn/hal_camera(/.*)? u:object_r:hal_neuralnetworks_darwinn_hal_camera_data_file:s0 /data/vendor/camera_calibration(/.*)? u:object_r:camera_calibration_vendor_data_file:s0 /data/vendor/face(/.*)? u:object_r:face_vendor_data_file:s0 +/data/vendor/rebootescrow(/.*)? u:object_r:hal_rebootescrow_citadel_data_file:s0 /data/per_boot(/.*)? u:object_r:per_boot_file:s0 # dev socket node diff --git a/vendor/google/hal_rebootescrow_citadel.te b/vendor/google/hal_rebootescrow_citadel.te new file mode 100644 index 0000000..4ca8a1e --- /dev/null +++ b/vendor/google/hal_rebootescrow_citadel.te @@ -0,0 +1,17 @@ +type hal_rebootescrow_citadel, domain; +type hal_rebootescrow_citadel_exec, exec_type, vendor_file_type, file_type; +type hal_rebootescrow_citadel_data_file, file_type, data_file_type; + +hal_server_domain(hal_rebootescrow_citadel, hal_rebootescrow) + +vndbinder_use(hal_rebootescrow_citadel) +binder_call(hal_rebootescrow_citadel, citadeld) +allow hal_rebootescrow_citadel citadeld_service:service_manager find; + +hal_client_domain(hal_rebootescrow_citadel, hal_keymaster) + +init_daemon_domain(hal_rebootescrow_citadel) + +allow hal_rebootescrow_citadel hal_rebootescrow_citadel_data_file:dir create_dir_perms; +allow hal_rebootescrow_citadel hal_rebootescrow_citadel_data_file:file create_file_perms; + diff --git a/vendor/qcom/common/file_contexts b/vendor/qcom/common/file_contexts index 376cea9..f329e37 100644 --- a/vendor/qcom/common/file_contexts +++ b/vendor/qcom/common/file_contexts @@ -167,13 +167,15 @@ /vendor/lib(64)?/vendor\.qti\.hardware\.display\.mapperextensions@1\.1\.so u:object_r:same_process_hal_file:s0 /vendor/lib(64)?/hw/android\.hardware\.graphics\.mapper@3\.0-impl-qti-display\.so u:object_r:same_process_hal_file:s0 /vendor/lib(64)?/vendor\.qti\.hardware\.display\.mapper@3\.0\.so u:object_r:same_process_hal_file:s0 -/vendor/lib(64)?/libqdMetaData\.so u:object_r:same_process_hal_file:s0 -/vendor/lib(64)?/libgralloc\.qti\.so u:object_r:same_process_hal_file:s0 -/vendor/lib(64)?/lib_aion_buffer\.so u:object_r:same_process_hal_file:s0 -/vendor/lib(64)?/libqservice\.so u:object_r:same_process_hal_file:s0 -/vendor/lib(64)?/libqdutils\.so u:object_r:same_process_hal_file:s0 -/vendor/lib(64)?/libadreno_utils\.so u:object_r:same_process_hal_file:s0 -/vendor/lib(64)?/libgsl\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libqdMetaData\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libgralloc\.qti\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/lib_aion_buffer\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libqservice\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libqdutils\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libadreno_utils\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libadreno_app_profiles\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libgpudataproducer\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libgsl\.so u:object_r:same_process_hal_file:s0 /vendor/lib(64)?/libEGL_adreno\.so u:object_r:same_process_hal_file:s0 /vendor/lib(64)?/libGLESv1_CM_adreno\.so u:object_r:same_process_hal_file:s0 |