diff options
| author | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2022-05-09 05:57:08 +0000 |
|---|---|---|
| committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2022-05-09 05:57:08 +0000 |
| commit | 67b62989bfa6ae4621e6d7a955a153e9b20f7159 (patch) | |
| tree | 0f7bbea5e1cb763555dd405bd9eccc9731c81f94 | |
| parent | e88afe8248634d7ffbb4278f7397da7166f223f2 (diff) | |
| parent | 36f7fe941d41ecf0c7c371d30e70e7ceca5d5a1b (diff) | |
| download | gs101-sepolicy-67b62989bfa6ae4621e6d7a955a153e9b20f7159.tar.gz | |
Snap for 8558685 from 36f7fe941d41ecf0c7c371d30e70e7ceca5d5a1b to tm-frc-conscrypt-release
Change-Id: Id0b95129b25e31573c2b3d0338cf861ccb9bb7d2
| -rw-r--r-- | whitechapel/vendor/google/file_contexts | 1 | ||||
| -rw-r--r-- | whitechapel/vendor/google/genfs_contexts | 34 | ||||
| -rw-r--r-- | whitechapel/vendor/google/hal_fingerprint_default.te | 4 | ||||
| -rw-r--r-- | whitechapel/vendor/google/hal_usb_gadget_impl.te | 7 | ||||
| -rw-r--r-- | whitechapel/vendor/google/set-usb-irq-sh.te | 13 |
5 files changed, 45 insertions, 14 deletions
diff --git a/whitechapel/vendor/google/file_contexts b/whitechapel/vendor/google/file_contexts index 05e4959..10ffc7a 100644 --- a/whitechapel/vendor/google/file_contexts +++ b/whitechapel/vendor/google/file_contexts @@ -280,7 +280,6 @@ /vendor/bin/init\.insmod\.sh u:object_r:init-insmod-sh_exec:s0 # USB -/vendor/bin/hw/set_usb_irq\.sh u:object_r:set-usb-irq-sh_exec:s0 /vendor/bin/hw/disable_contaminant_detection\.sh u:object_r:disable-contaminant-detection-sh_exec:s0 # NFC diff --git a/whitechapel/vendor/google/genfs_contexts b/whitechapel/vendor/google/genfs_contexts index 881b7ef..17a5a0b 100644 --- a/whitechapel/vendor/google/genfs_contexts +++ b/whitechapel/vendor/google/genfs_contexts @@ -267,40 +267,72 @@ genfscon sysfs /devices/platform/175b0000.serial/serial0/serial0-0/bluetooth/hci # ODPM genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-6/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device0/name u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-6/6-001f/s2mpg10-meter/s2mpg10-odpm/iio:device0/name u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-6/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device0/energy_value u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-6/6-001f/s2mpg10-meter/s2mpg10-odpm/iio:device0/energy_value u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-6/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device0/sampling_rate u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-6/6-001f/s2mpg10-meter/s2mpg10-odpm/iio:device0/sampling_rate u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-6/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device0/enabled_rails u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-6/6-001f/s2mpg10-meter/s2mpg10-odpm/iio:device0/enabled_rails u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-7/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device1/name u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-7/7-002f/s2mpg11-meter/s2mpg11-odpm/iio:device1/name u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-7/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device1/energy_value u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-7/7-002f/s2mpg11-meter/s2mpg11-odpm/iio:device1/energy_value u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-7/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device1/sampling_rate u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-7/7-002f/s2mpg11-meter/s2mpg11-odpm/iio:device1/sampling_rate u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-7/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device1/enabled_rails u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-7/7-002f/s2mpg11-meter/s2mpg11-odpm/iio:device1/enabled_rails u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-7/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device0/name u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-7/7-001f/s2mpg10-meter/s2mpg10-odpm/iio:device0/name u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-7/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device0/energy_value u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-7/7-001f/s2mpg10-meter/s2mpg10-odpm/iio:device0/energy_value u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-7/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device0/sampling_rate u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-7/7-001f/s2mpg10-meter/s2mpg10-odpm/iio:device0/sampling_rate u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-7/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device0/enabled_rails u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-7/7-001f/s2mpg10-meter/s2mpg10-odpm/iio:device0/enabled_rails u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-8/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device1/name u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-8/8-002f/s2mpg11-meter/s2mpg11-odpm/iio:device1/name u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-8/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device1/energy_value u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-8/8-002f/s2mpg11-meter/s2mpg11-odpm/iio:device1/energy_value u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-8/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device1/sampling_rate u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-8/8-002f/s2mpg11-meter/s2mpg11-odpm/iio:device1/sampling_rate u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-8/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device1/enabled_rails u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-8/8-002f/s2mpg11-meter/s2mpg11-odpm/iio:device1/enabled_rails u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device0/name u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/0-001f/s2mpg10-meter/s2mpg10-odpm/iio:device0/name u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device0/energy_value u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/0-001f/s2mpg10-meter/s2mpg10-odpm/iio:device0/energy_value u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device0/sampling_rate u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/0-001f/s2mpg10-meter/s2mpg10-odpm/iio:device0/sampling_rate u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device0/enabled_rails u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/0-001f/s2mpg10-meter/s2mpg10-odpm/iio:device0/enabled_rails u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device1/name u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/1-002f/s2mpg11-meter/s2mpg11-odpm/iio:device1/name u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device1/energy_value u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/1-002f/s2mpg11-meter/s2mpg11-odpm/iio:device1/energy_value u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device1/sampling_rate u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/1-002f/s2mpg11-meter/s2mpg11-odpm/iio:device1/sampling_rate u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device1/enabled_rails u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/1-002f/s2mpg11-meter/s2mpg11-odpm/iio:device1/enabled_rails u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device1/name u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/0-001f/s2mpg10-meter/s2mpg10-odpm/iio:device1/name u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device1/energy_value u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/0-001f/s2mpg10-meter/s2mpg10-odpm/iio:device1/energy_value u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device1/sampling_rate u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/0-001f/s2mpg10-meter/s2mpg10-odpm/iio:device1/sampling_rate u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device1/enabled_rails u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/0-001f/s2mpg10-meter/s2mpg10-odpm/iio:device1/enabled_rails u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device0/name u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/1-002f/s2mpg11-meter/s2mpg11-odpm/iio:device0/name u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device0/energy_value u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/1-002f/s2mpg11-meter/s2mpg11-odpm/iio:device0/energy_value u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device0/sampling_rate u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/1-002f/s2mpg11-meter/s2mpg11-odpm/iio:device0/sampling_rate u:object_r:sysfs_odpm:s0 genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device0/enabled_rails u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/1-002f/s2mpg11-meter/s2mpg11-odpm/iio:device0/enabled_rails u:object_r:sysfs_odpm:s0 # bcl sysfs files genfscon sysfs /devices/virtual/pmic/mitigation u:object_r:sysfs_bcl:s0 @@ -405,6 +437,8 @@ genfscon debugfs /pm_genpd/pm_genpd_summary genfscon debugfs /regmap u:object_r:vendor_regmap_debugfs:s0 genfscon debugfs /usb u:object_r:vendor_usb_debugfs:s0 genfscon debugfs /google_charger u:object_r:vendor_charger_debugfs:s0 +genfscon debugfs /max77759_chg u:object_r:vendor_charger_debugfs:s0 +genfscon debugfs /max77729_pmic u:object_r:vendor_charger_debugfs:s0 genfscon debugfs /gvotables u:object_r:vendor_votable_debugfs:s0 genfscon debugfs /google_battery u:object_r:vendor_battery_debugfs:s0 diff --git a/whitechapel/vendor/google/hal_fingerprint_default.te b/whitechapel/vendor/google/hal_fingerprint_default.te index 56b1605..aee2463 100644 --- a/whitechapel/vendor/google/hal_fingerprint_default.te +++ b/whitechapel/vendor/google/hal_fingerprint_default.te @@ -29,3 +29,7 @@ allow hal_fingerprint_default sysfs_display:file r_file_perms; # Allow fingerprint to access trusty sysfs allow hal_fingerprint_default sysfs_trusty:file rw_file_perms; + +# Allow fingerprint to access display hal +allow hal_fingerprint_default hal_pixel_display_service:service_manager find; +binder_call(hal_fingerprint_default, hal_graphics_composer_default) diff --git a/whitechapel/vendor/google/hal_usb_gadget_impl.te b/whitechapel/vendor/google/hal_usb_gadget_impl.te index 5170a8a..7eb0f63 100644 --- a/whitechapel/vendor/google/hal_usb_gadget_impl.te +++ b/whitechapel/vendor/google/hal_usb_gadget_impl.te @@ -12,3 +12,10 @@ set_prop(hal_usb_gadget_impl, vendor_usb_config_prop) allow hal_usb_gadget_impl sysfs_batteryinfo:dir r_dir_perms; allow hal_usb_gadget_impl sysfs_batteryinfo:file rw_file_perms; allow hal_usb_gadget_impl sysfs_extcon:dir search; + +# parser the number of dwc3 irq +allow hal_usb_gadget_impl proc_interrupts:file r_file_perms; + +# change irq to other cores +allow hal_usb_gadget_impl proc_irq:dir r_dir_perms; +allow hal_usb_gadget_impl proc_irq:file w_file_perms; diff --git a/whitechapel/vendor/google/set-usb-irq-sh.te b/whitechapel/vendor/google/set-usb-irq-sh.te deleted file mode 100644 index a00fe3b..0000000 --- a/whitechapel/vendor/google/set-usb-irq-sh.te +++ /dev/null @@ -1,13 +0,0 @@ -type set-usb-irq-sh, domain; -type set-usb-irq-sh_exec, vendor_file_type, exec_type, file_type; -init_daemon_domain(set-usb-irq-sh) - -allow set-usb-irq-sh vendor_toolbox_exec:file execute_no_trans; - -allow set-usb-irq-sh proc_irq:dir r_dir_perms; -allow set-usb-irq-sh proc_irq:file w_file_perms; - -# AFAICT this happens if /proc/irq updates as we're running -# and we end up trying to write into non-existing file, -# which implies creation... -dontaudit set-usb-irq-sh self:capability dac_override; |