diff options
| author | Xin Li <delphij@google.com> | 2023-08-14 15:35:47 -0700 |
|---|---|---|
| committer | Xin Li <delphij@google.com> | 2023-08-14 15:35:47 -0700 |
| commit | 558feeabb7bc865e9c6c8c0d07d4cbdbe5721244 (patch) | |
| tree | 0a704bca83406f86f9cb22038ffc61494e4e8c5d | |
| parent | 11568a1a6ad86c6cb03526806bb6baa8d19526a6 (diff) | |
| parent | 832ad3cc9ed395c4ab523b24b48da3b74ba1c668 (diff) | |
| download | sunfish-sepolicy-tmp_amf_298295554.tar.gz | |
Merge Android U (ab/10368041)tmp_amf_298295554
Bug: 291102124
Merged-In: I9bebb6156dd629580db89b86be9bdcb190491935
Change-Id: I79bf9ac9112759eb741ea53052a2fa4c76dee35d
| -rw-r--r-- | tracking_denials/platform_app.te | 2 | ||||
| -rw-r--r-- | vendor/google/bug_map | 3 | ||||
| -rw-r--r-- | vendor/google/e2fs.te | 2 | ||||
| -rw-r--r-- | vendor/google/fsck.te | 2 | ||||
| -rw-r--r-- | vendor/qcom/common/file_contexts | 2 |
5 files changed, 6 insertions, 5 deletions
diff --git a/tracking_denials/platform_app.te b/tracking_denials/platform_app.te index df7e700..e69de29 100644 --- a/tracking_denials/platform_app.te +++ b/tracking_denials/platform_app.te @@ -1,2 +0,0 @@ -# b/162700611 -dontaudit platform_app default_android_hwservice:hwservice_manager find; diff --git a/vendor/google/bug_map b/vendor/google/bug_map index acb3f80..ed89df6 100644 --- a/vendor/google/bug_map +++ b/vendor/google/bug_map @@ -10,6 +10,3 @@ shell debugfs file b/175106535 shell device_config_runtime_native_boot_prop file b/175106535 shell sysfs file b/175106535 tee tee capability2 b/156045688 -mediaswcodec gpu_device chr_file b/194313013 -mediaswcodec sysfs_msm_subsys dir b/194313013 -mediaserver sysfs_msm_subsys dir b/194313013 diff --git a/vendor/google/e2fs.te b/vendor/google/e2fs.te new file mode 100644 index 0000000..4d2b596 --- /dev/null +++ b/vendor/google/e2fs.te @@ -0,0 +1,2 @@ +allow e2fs sysfs_scsi_devices_0000:dir r_dir_perms; +allow e2fs sysfs_scsi_devices_0000:file r_file_perms; diff --git a/vendor/google/fsck.te b/vendor/google/fsck.te index 1500b5f..7d94ea1 100644 --- a/vendor/google/fsck.te +++ b/vendor/google/fsck.te @@ -1 +1,3 @@ allow fsck persist_block_device:blk_file rw_file_perms; +allow fsck sysfs_scsi_devices_0000:dir r_dir_perms; +allow fsck sysfs_scsi_devices_0000:file r_file_perms; diff --git a/vendor/qcom/common/file_contexts b/vendor/qcom/common/file_contexts index a360e5a..9f29f95 100644 --- a/vendor/qcom/common/file_contexts +++ b/vendor/qcom/common/file_contexts @@ -53,6 +53,8 @@ /(vendor|system/vendor)/bin/hw/qcrild u:object_r:rild_exec:s0 /(vendor|system/vendor)/bin/hw/android\.hardware\.drm@[0-9]+\.[0-9]+-service\.clearkey u:object_r:hal_drm_clearkey_exec:s0 /(vendor|system/vendor)/bin/hw/android\.hardware\.drm(@[0-9]+\.[0-9]+)?-service\.widevine u:object_r:hal_drm_widevine_exec:s0 +/(vendor|system/vendor)/bin/hw/android\.hardware\.drm@[0-9]+\.[0-9]+-service-lazy\.clearkey u:object_r:hal_drm_widevine_exec:s0 +/(vendor|system/vendor)/bin/hw/android\.hardware\.drm@[0-9]+\.[0-9]+-service-lazy\.widevine u:object_r:hal_drm_widevine_exec:s0 /(vendor|system/vendor)/bin/hw/android\.hardware\.gnss@.*-service-qti u:object_r:hal_gnss_qti_exec:s0 /(vendor|system/vendor)/bin/hw/vendor\.qti\.gnss@.*-service u:object_r:hal_gnss_qti_exec:s0 /(vendor|system/vendor)/bin/hw/android\.hardware\.bluetooth@1\.0-service-qti u:object_r:hal_bluetooth_default_exec:s0 |