diff options
author | George Chang <georgekgchang@google.com> | 2020-11-10 04:23:40 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2020-11-10 04:23:40 +0000 |
commit | a1e0ac3154cb99e9fe447c45dc3057bdf8b484bf (patch) | |
tree | 81131f9e2c9e34d56c707248dd3e43f4cd926691 | |
parent | 5e6291efbaada33f05e953eb2bf293c5808a8c6d (diff) | |
parent | 85582c070e315178b35ddfa373f5fc97171534e8 (diff) | |
download | redbull-sepolicy-a1e0ac3154cb99e9fe447c45dc3057bdf8b484bf.tar.gz |
Merge "Update ST NFC/SecureElement policies" am: 85582c070e
Original change: https://android-review.googlesource.com/c/device/google/redbull-sepolicy/+/1488057
Change-Id: Iba7e837bf280ad12bb086a08aa0d1e8e4f5120ba
-rw-r--r-- | vendor/google/file.te | 1 | ||||
-rw-r--r-- | vendor/st/file_contexts | 1 | ||||
-rw-r--r-- | vendor/st/hal_nfc_default.te | 6 | ||||
-rw-r--r-- | vendor/st/hal_secure_element_default.te | 9 | ||||
-rw-r--r-- | vendor/st/property.te | 1 | ||||
-rw-r--r-- | vendor/st/property_contexts | 2 | ||||
-rw-r--r-- | vendor/st/vendor_init.te | 4 |
7 files changed, 18 insertions, 6 deletions
diff --git a/vendor/google/file.te b/vendor/google/file.te index a7e64fe..89982d6 100644 --- a/vendor/google/file.te +++ b/vendor/google/file.te @@ -23,7 +23,6 @@ type sysfs_imei, sysfs_type, fs_type; type debugfs_usb, debugfs_type, fs_type; type mediadrm_vendor_data_file, file_type, data_file_type; type diag_socket, file_type, mlstrustedobject; -type ese_vendor_data_file, file_type, data_file_type; type debugfs_dma_buf, debugfs_type, fs_type; type debugfs_clk, debugfs_type, fs_type; type debugfs_pmic, debugfs_type, fs_type; diff --git a/vendor/st/file_contexts b/vendor/st/file_contexts index e469549..9a3ea7e 100644 --- a/vendor/st/file_contexts +++ b/vendor/st/file_contexts @@ -11,6 +11,5 @@ ################################### # data files -/data/vendor/ese(/.*)? u:object_r:ese_vendor_data_file:s0 /data/nfc(/.*)? u:object_r:nfc_data_file:s0 diff --git a/vendor/st/hal_nfc_default.te b/vendor/st/hal_nfc_default.te index 66ce177..f98e78c 100644 --- a/vendor/st/hal_nfc_default.te +++ b/vendor/st/hal_nfc_default.te @@ -1,3 +1,9 @@ +# NFC property +set_prop(hal_nfc_default, vendor_nfc_prop) + +# SecureElement property +set_prop(hal_nfc_default, vendor_secure_element_prop) + # Modem property set_prop(hal_nfc_default, vendor_modem_prop) diff --git a/vendor/st/hal_secure_element_default.te b/vendor/st/hal_secure_element_default.te index 94b811d..84cde42 100644 --- a/vendor/st/hal_secure_element_default.te +++ b/vendor/st/hal_secure_element_default.te @@ -1,6 +1,7 @@ allow hal_secure_element_default secure_element_device:chr_file rw_file_perms; -allow hal_secure_element_default ese_vendor_data_file:dir create_dir_perms; -allow hal_secure_element_default ese_vendor_data_file:file create_file_perms; -allow hal_secure_element_default debugfs_ipc:dir search; +allow hal_secure_element_default nfc_device:chr_file rw_file_perms; +dontaudit hal_secure_element_default debugfs_ipc:dir search; set_prop(hal_secure_element_default, vendor_secure_element_prop) -get_prop(hal_secure_element_default, vendor_modem_prop) +set_prop(hal_secure_element_default, vendor_nfc_prop) +set_prop(hal_secure_element_default, vendor_modem_prop) + diff --git a/vendor/st/property.te b/vendor/st/property.te index 33a01ec..723121a 100644 --- a/vendor/st/property.te +++ b/vendor/st/property.te @@ -1 +1,2 @@ +vendor_internal_prop(vendor_nfc_prop) vendor_internal_prop(vendor_secure_element_prop) diff --git a/vendor/st/property_contexts b/vendor/st/property_contexts index 01a12e4..c6cd8a4 100644 --- a/vendor/st/property_contexts +++ b/vendor/st/property_contexts @@ -1,4 +1,6 @@ # SecureElement persist.vendor.se. u:object_r:vendor_secure_element_prop:s0 +# NFC +persist.vendor.nfc. u:object_r:vendor_nfc_prop:s0 diff --git a/vendor/st/vendor_init.te b/vendor/st/vendor_init.te new file mode 100644 index 0000000..abc7580 --- /dev/null +++ b/vendor/st/vendor_init.te @@ -0,0 +1,4 @@ +# NFC vendor property +set_prop(vendor_init, vendor_nfc_prop) +# SecureElement vendor property +set_prop(vendor_init, vendor_secure_element_prop) |