diff options
| author | ChihYao Chien <ccchien@google.com> | 2021-05-21 17:47:47 +0000 |
|---|---|---|
| committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2021-05-21 17:47:47 +0000 |
| commit | b2b26c7ee6d162098698696dbd46552cc2264e08 (patch) | |
| tree | 11441a972e108cff28b55487be59efd3f6923d6f | |
| parent | e067dee1b434558e32b31e273b7bf5ae2ce0f33f (diff) | |
| parent | 9e67b6a0bcbcb4b2c6b56f2044743baf4da17160 (diff) | |
| download | sunfish-sepolicy-b2b26c7ee6d162098698696dbd46552cc2264e08.tar.gz | |
Sync QCOM sepolicy rules am: 9e67b6a0bc
Original change: https://googleplex-android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/14672872
Change-Id: Icc9fe8ec3d7b4b5298fd68a5af62fe060957e9ce
| -rw-r--r-- | vendor/google/genfs_contexts | 2 | ||||
| -rw-r--r-- | vendor/google/init_qti_chg_policy.te | 7 | ||||
| -rw-r--r-- | vendor/qcom/common/cnd.te | 1 | ||||
| -rw-r--r-- | vendor/qcom/common/hvdcp.te | 2 | ||||
| -rw-r--r-- | vendor/qcom/common/hwservice.te | 1 | ||||
| -rw-r--r-- | vendor/qcom/common/hwservice_contexts | 2 | ||||
| -rw-r--r-- | vendor/qcom/common/seapp_contexts | 1 | ||||
| -rw-r--r-- | vendor/qcom/common/sensors.te | 2 |
8 files changed, 17 insertions, 1 deletions
diff --git a/vendor/google/genfs_contexts b/vendor/google/genfs_contexts index 0670681..f2173b2 100644 --- a/vendor/google/genfs_contexts +++ b/vendor/google/genfs_contexts @@ -52,6 +52,8 @@ genfscon sysfs /devices/platform/soc/a8c000.i2c/i2c-2/2-0010/iio:device2 u:object_r:sysfs_power_stats:s0 # Not used by PowerStatsHal +genfscon sysfs /devices/platform/soc/c440000.qcom,spmi/spmi-0/spmi0-00/c440000.qcom,spmi:qcom,pm6150@0:vadc@3100/iio:device0 +u:object_r:sysfs_power_stats_ignore:s0 genfscon sysfs /devices/platform/soc/c440000.qcom,spmi/spmi-0/spmi0-04/c440000.qcom,spmi:qcom,pm6150l@4:vadc@3100/iio:device1 u:object_r:sysfs_power_stats_ignore:s0 diff --git a/vendor/google/init_qti_chg_policy.te b/vendor/google/init_qti_chg_policy.te index 44815ce..924d3d1 100644 --- a/vendor/google/init_qti_chg_policy.te +++ b/vendor/google/init_qti_chg_policy.te @@ -7,5 +7,12 @@ allow init_qti_chg_policy vendor_toolbox_exec:file rx_file_perms; allow init_qti_chg_policy sysfs_batteryinfo:file create_file_perms; allow init_qti_chg_policy sysfs_batteryinfo:dir r_dir_perms; allow init_qti_chg_policy sysfs_contaminant:file create_file_perms; +allow init_qti_chg_policy sysfs_wakeup:dir r_dir_perms; +allow init_qti_chg_policy sysfs_wakeup:file getattr; +allow init_qti_chg_policy sysfs_iio_devices:dir search; +allow init_qti_chg_policy sysfs_power_stats_ignore:dir search; +allow init_qti_chg_policy sysfs_power_stats_ignore:file r_file_perms; +allow init_qti_chg_policy sysfs_power_stats:dir search; +allow init_qti_chg_policy sysfs_power_stats:file r_file_perms; set_prop(init_qti_chg_policy, vendor_hvdcp_opti_prop) diff --git a/vendor/qcom/common/cnd.te b/vendor/qcom/common/cnd.te index 473de1b..30acc21 100644 --- a/vendor/qcom/common/cnd.te +++ b/vendor/qcom/common/cnd.te @@ -20,6 +20,7 @@ allow cnd cnd_data_file:dir rw_dir_perms; wakelock_use(cnd) # To register cnd to hwbinder add_hwservice(cnd, hal_datafactory_hwservice) +add_hwservice(cnd, hal_mwqemadapter_hwservice) userdebug_or_eng(` allow cnd diag_device:chr_file rw_file_perms; ') diff --git a/vendor/qcom/common/hvdcp.te b/vendor/qcom/common/hvdcp.te index 7cdae50..9c1b7eb 100644 --- a/vendor/qcom/common/hvdcp.te +++ b/vendor/qcom/common/hvdcp.te @@ -7,7 +7,7 @@ allow hvdcp sysfs_batteryinfo:dir r_dir_perms; allow hvdcp qg_device:chr_file rw_file_perms; allow hvdcp self:capability2 wake_alarm; allow hvdcp self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; -allow hvdcp kmsg_device:chr_file r_file_perms; +allow hvdcp kmsg_device:chr_file rw_file_perms; allow hvdcp mnt_vendor_file:dir r_dir_perms; allow hvdcp persist_file:dir search; allow hvdcp persist_hvdcp_file:dir search; diff --git a/vendor/qcom/common/hwservice.te b/vendor/qcom/common/hwservice.te index 11c8147..5f091a5 100644 --- a/vendor/qcom/common/hwservice.te +++ b/vendor/qcom/common/hwservice.te @@ -21,3 +21,4 @@ type hal_dataconnection_hwservice, hwservice_manager_type, vendor_hwservice_type type hal_cacert_hwservice, hwservice_manager_type, vendor_hwservice_type; type hal_capabilityconfigstore_qti_hwservice, hwservice_manager_type, vendor_hwservice_type; type hal_qseecom_hwservice, hwservice_manager_type, protected_hwservice, vendor_hwservice_type; +type hal_mwqemadapter_hwservice, hwservice_manager_type, protected_hwservice; diff --git a/vendor/qcom/common/hwservice_contexts b/vendor/qcom/common/hwservice_contexts index 75e64a1..f275324 100644 --- a/vendor/qcom/common/hwservice_contexts +++ b/vendor/qcom/common/hwservice_contexts @@ -15,6 +15,7 @@ vendor.qti.hardware.qdutils_disp::IQdutilsDisp u:object vendor.qti.hardware.qteeconnector::IAppConnector u:object_r:hal_qteeconnector_hwservice:s0 vendor.qti.hardware.qteeconnector::IGPAppConnector u:object_r:hal_qteeconnector_hwservice:s0 vendor.qti.hardware.radio.am::IQcRilAudio u:object_r:hal_telephony_hwservice:s0 +vendor.qti.hardware.radio.internal.deviceinfo::IDeviceInfo u:object_r:hal_telephony_hwservice:s0 vendor.qti.hardware.radio.lpa::IUimLpa u:object_r:hal_telephony_hwservice:s0 vendor.qti.hardware.radio.qcrilhook::IQtiOemHook u:object_r:hal_telephony_hwservice:s0 vendor.qti.hardware.radio.qtiradio::IQtiRadio u:object_r:hal_telephony_hwservice:s0 @@ -35,3 +36,4 @@ vendor.qti.hardware.capabilityconfigstore::ICapabilityConfigStore u:object vendor.qti.hardware.display.allocator::IQtiAllocator u:object_r:hal_graphics_allocator_hwservice:s0 vendor.qti.ims.callinfo::IService u:object_r:hal_imscallinfo_hwservice:s0 vendor.qti.hardware.qseecom::IQSEECom u:object_r:hal_qseecom_hwservice:s0 +vendor.qti.hardware.mwqemadapter::IMwqemAdapter u:object_r:hal_mwqemadapter_hwservice:s0 diff --git a/vendor/qcom/common/seapp_contexts b/vendor/qcom/common/seapp_contexts index 51fdd3d..6b2ff84 100644 --- a/vendor/qcom/common/seapp_contexts +++ b/vendor/qcom/common/seapp_contexts @@ -32,3 +32,4 @@ user=_app seinfo=platform name=com.qualcomm.qti.devicestatisticsservice domain=q # QtiTelephonyService app user=_app seinfo=platform name=com.qualcomm.qti.telephonyservice domain=qtelephony type=app_data_file levelFrom=all + diff --git a/vendor/qcom/common/sensors.te b/vendor/qcom/common/sensors.te index 95737d0..a423192 100644 --- a/vendor/qcom/common/sensors.te +++ b/vendor/qcom/common/sensors.te @@ -12,5 +12,7 @@ allow sensors self:qipcrtr_socket create; allow sensors sensors_persist_file:dir rw_dir_perms; r_dir_file(sensors, sysfs_msm_subsys) allow sensors sysfs_ssr:file r_file_perms; +allow sensors sensors_vendor_data_file:dir rw_dir_perms; +allow sensors sensors_vendor_data_file:file create_file_perms; dontaudit sensors sysfs_esoc:dir r_dir_perms; |