projects / GitHub / LineageOS / android_device_samsung_slsi_sepolicy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: edf6026)
common: add policy for fastbootd
authorTim Zimmermann <tim@linux4.de>
Mon, 18 Jan 2021 10:47:53 +0000 (11:47 +0100)
committerJan Altensen <info@stricted.net>
Wed, 3 Feb 2021 09:08:01 +0000 (10:08 +0100)
Change-Id: I7dc4b026befb31fe6325ab704fa2fedf3c8cc56e

common/vendor/device.te patch | blob | blame | history
common/vendor/fastbootd.te [new file with mode: 0644] patch | blob
common/vendor/file_contexts patch | blob | blame | history

diff --git a/common/vendor/device.te b/common/vendor/device.te
index c84e9697d0c2267fd754c3772abc085f08c1007d..47639b2d862e6ec9a6bbf89058bd1476f5d53d26 100644 (file)
--- a/common/vendor/device.te
+++ b/common/vendor/device.te
@@ -1,6 +1,7 @@
 # device.te
 type efs_block_device, dev_type;
 type dqmdbg_block_device, dev_type;
+type dtbo_block_device, dev_type;
 type keydata_block_device, dev_type;
 type keyrefuge_block_device, dev_type;
 type modem_block_device, dev_type;
diff --git a/common/vendor/fastbootd.te b/common/vendor/fastbootd.te
new file mode 100644 (file)
index 0000000..5435c6c
--- /dev/null
+++ b/common/vendor/fastbootd.te
@@ -0,0 +1,7 @@
+# fastbootd.te
+
+allow fastbootd {
+    boot_block_device
+    dtbo_block_device
+    recovery_block_device
+}:blk_file rw_file_perms;
diff --git a/common/vendor/file_contexts b/common/vendor/file_contexts
index 2926997db1e0855d569b9a1394fae1c42356eda7..c77e5854e5731ad6f229b047b186ae7a79b6178f 100644 (file)
--- a/common/vendor/file_contexts
+++ b/common/vendor/file_contexts
@@ -10,17 +10,22 @@
 /data/vendor/secradio(/.*)?                  u:object_r:radio_vendor_data_file:s0
 
 ### DEV
+/dev/block/platform/.+/by-name/boot          u:object_r:boot_block_device:s0
 /dev/block/platform/.+/by-name/cache         u:object_r:cache_block_device:s0
 /dev/block/platform/.+/by-name/efs           u:object_r:efs_block_device:s0
 /dev/block/platform/.+/by-name/dqmdbg        u:object_r:dqmdbg_block_device:s0
+/dev/block/platform/.+/by-name/dtbo          u:object_r:dtbo_block_device:s0
 /dev/block/platform/.+/by-name/keydata       u:object_r:keydata_block_device:s0
 /dev/block/platform/.+/by-name/keyrefuge     u:object_r:keyrefuge_block_device:s0
+/dev/block/platform/.+/by-name/metadata      u:object_r:metadata_block_device:s0
 /dev/block/platform/.+/by-name/misc          u:object_r:misc_block_device:s0
 /dev/block/platform/.+/by-name/modem         u:object_r:modem_block_device:s0
 /dev/block/platform/.+/by-name/omr           u:object_r:omr_block_device:s0
 /dev/block/platform/.+/by-name/persistent    u:object_r:frp_block_device:s0
 /dev/block/platform/.+/by-name/radio         u:object_r:radio_block_device:s0
+/dev/block/platform/.+/by-name/recovery      u:object_r:recovery_block_device:s0
 /dev/block/platform/.+/by-name/sec_efs       u:object_r:sec_efs_block_device:s0
+/dev/block/platform/.+/by-name/super         u:object_r:super_block_device:s0
 /dev/block/platform/.+/by-name/userdata      u:object_r:userdata_block_device:s0
 
 /dev/esfp[0-9]                               u:object_r:fp_sensor_device:s0