diff options
| author | Xin Li <delphij@google.com> | 2023-10-05 15:33:04 -0700 |
|---|---|---|
| committer | Xin Li <delphij@google.com> | 2023-10-05 15:33:04 -0700 |
| commit | fb5c9bf792433ecc520c4e80ae5ef37a5f97c066 (patch) | |
| tree | 5cefbe9905472b91f48e8438fb586b8ee9d5bed4 | |
| parent | a98b00f9e683f42a85ed80d7a12850d0c30e7b8a (diff) | |
| parent | c58b906f581dbc635f153d2e617374e680c071a5 (diff) | |
| download | coral-sepolicy-fb5c9bf792433ecc520c4e80ae5ef37a5f97c066.tar.gz | |
Merge Android 14
Bug: 298295554
Merged-In: I1b6866d56f15089babe368bb60335c7ed99bdd6b
Change-Id: Idfe6f2a6a8a47983adac57d437fb6d9c0b8c8b4a
| -rw-r--r-- | vendor/google/e2fs.te | 2 | ||||
| -rw-r--r-- | vendor/google/fsck.te | 2 | ||||
| -rw-r--r-- | vendor/qcom/common/hal_drm_clearkey.te | 2 | ||||
| -rw-r--r-- | vendor/qcom/common/hal_drm_widevine.te | 2 |
4 files changed, 6 insertions, 2 deletions
diff --git a/vendor/google/e2fs.te b/vendor/google/e2fs.te new file mode 100644 index 0000000..4d2b596 --- /dev/null +++ b/vendor/google/e2fs.te @@ -0,0 +1,2 @@ +allow e2fs sysfs_scsi_devices_0000:dir r_dir_perms; +allow e2fs sysfs_scsi_devices_0000:file r_file_perms; diff --git a/vendor/google/fsck.te b/vendor/google/fsck.te index 1500b5f..7d94ea1 100644 --- a/vendor/google/fsck.te +++ b/vendor/google/fsck.te @@ -1 +1,3 @@ allow fsck persist_block_device:blk_file rw_file_perms; +allow fsck sysfs_scsi_devices_0000:dir r_dir_perms; +allow fsck sysfs_scsi_devices_0000:file r_file_perms; diff --git a/vendor/qcom/common/hal_drm_clearkey.te b/vendor/qcom/common/hal_drm_clearkey.te index 013705a..8267db8 100644 --- a/vendor/qcom/common/hal_drm_clearkey.te +++ b/vendor/qcom/common/hal_drm_clearkey.te @@ -7,5 +7,5 @@ hal_server_domain(hal_drm_clearkey, hal_drm) vndbinder_use(hal_drm_clearkey); -allow hal_drm_clearkey { appdomain -isolated_app }:fd use; +allow hal_drm_clearkey { appdomain -isolated_app_all }:fd use; allow hal_drm_clearkey hal_allocator_server:fd use; diff --git a/vendor/qcom/common/hal_drm_widevine.te b/vendor/qcom/common/hal_drm_widevine.te index 2f8fbdd..40f431a 100644 --- a/vendor/qcom/common/hal_drm_widevine.te +++ b/vendor/qcom/common/hal_drm_widevine.te @@ -10,6 +10,6 @@ allow hal_drm_widevine mediadrm_vendor_data_file:file create_file_perms; allow hal_drm_widevine hal_display_config_hwservice:hwservice_manager find; binder_call(hal_drm_widevine, hal_graphics_composer_default) -allow hal_drm_widevine { appdomain -isolated_app }:fd use; +allow hal_drm_widevine { appdomain -isolated_app_all }:fd use; allow hal_drm_widevine qce_device:chr_file rw_file_perms; |