diff options
author | Xin Li <delphij@google.com> | 2021-02-21 09:25:03 -0800 |
---|---|---|
committer | Xin Li <delphij@google.com> | 2021-02-21 09:25:03 -0800 |
commit | df0a11bc42c86c17ce2425c17b2ec450d32705e7 (patch) | |
tree | 0fecf76622467d84c877c71df1d6777d76cea466 /vendor/qcom | |
parent | ab4e00b7d4d8c41b006f7e943ede9f4f6849995c (diff) | |
parent | 40a650a671f22f008e3f14394561c93ae874d2f3 (diff) | |
download | sunfish-sepolicy-df0a11bc42c86c17ce2425c17b2ec450d32705e7.tar.gz |
Merge ab/7061308 into stage.temp_RQ2A.210305.007
Bug: 180401296
Merged-In: I6de871f2a9107c4a8438139af720a86e3e760756
Change-Id: I646cf656401a6e71345c4faf7f89ab8d0d1b822b
Diffstat (limited to 'vendor/qcom')
-rw-r--r-- | vendor/qcom/common/file_contexts | 1 | ||||
-rw-r--r-- | vendor/qcom/common/hal_drm_widevine.te | 4 | ||||
-rw-r--r-- | vendor/qcom/common/tee.te | 3 |
3 files changed, 7 insertions, 1 deletions
diff --git a/vendor/qcom/common/file_contexts b/vendor/qcom/common/file_contexts index 7931a55..38d8a33 100644 --- a/vendor/qcom/common/file_contexts +++ b/vendor/qcom/common/file_contexts @@ -248,6 +248,7 @@ /dev/msm_.* u:object_r:audio_device:s0 /dev/ramdump_.* u:object_r:ramdump_device:s0 /dev/at_.* u:object_r:at_device:s0 +/dev/qce u:object_r:qce_device:s0 # dev socket nodes /dev/socket/ipacm_log_file u:object_r:ipacm_socket:s0 diff --git a/vendor/qcom/common/hal_drm_widevine.te b/vendor/qcom/common/hal_drm_widevine.te index 4b52daf..2f8fbdd 100644 --- a/vendor/qcom/common/hal_drm_widevine.te +++ b/vendor/qcom/common/hal_drm_widevine.te @@ -10,4 +10,6 @@ allow hal_drm_widevine mediadrm_vendor_data_file:file create_file_perms; allow hal_drm_widevine hal_display_config_hwservice:hwservice_manager find; binder_call(hal_drm_widevine, hal_graphics_composer_default) -allow hal_drm_widevine { appdomain -isolated_app }:fd use;
\ No newline at end of file +allow hal_drm_widevine { appdomain -isolated_app }:fd use; + +allow hal_drm_widevine qce_device:chr_file rw_file_perms; diff --git a/vendor/qcom/common/tee.te b/vendor/qcom/common/tee.te index b28b1b7..d1e8cc1 100644 --- a/vendor/qcom/common/tee.te +++ b/vendor/qcom/common/tee.te @@ -31,3 +31,6 @@ allow tee hal_graphics_allocator_default:fd use; allow tee sysfs_wake_lock:file append; allow tee time_daemon:unix_stream_socket connectto; + +# allow tee access for secure UI to work +allow tee graphics_device:chr_file rw_file_perms; |