Adding allows for the following boot-time denials

denied { read write } for pid=605 comm="qseecomd" name="sda3"
dev="tmpfs" ino=21567 scontext=u:r:tee:s0
tcontext=u:object_r:sda_block_device:s0 tclass=blk_file

denied { open } for pid=605 comm="qseecomd" path="/dev/block/sda3"
dev="tmpfs" ino=21567 scontext=u:r:tee:s0
tcontext=u:object_r:sda_block_device:s0 tclass=blk_file

Bug: 34784662
Test: The above denials are no longer present
Change-Id: I67440c501d6582e54fa7179a93910d8d1d9c88aa
Max Bires
2017-03-20 15:25:50 -07:00
parent 22ca167f43
commit 46f6aa7fe3


@@ -6,5 +6,6 @@ set_prop(tee, tee_listener_prop)
set_prop(tee, keymaster_prop)
allow tee block_device:dir { getattr search };
allow tee sda_block_device:blk_file rw_file_perms;
allow tee sdd_block_device:blk_file rw_file_perms;
allow tee sg_device:chr_file { rw_file_perms setattr };
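
Review bot: the `allow tee sda_block_device:blk_file rw_file_perms;` rule grants tee read/write on every block device labeled sda_block_device, while both denials in the commit message are for a single node, /dev/block/sda3, accessed by qseecomd. If that label covers more than the one partition, consider giving the partition qseecomd needs its own type in file_contexts and granting rw_file_perms on that type instead, so the tee domain's write access stays limited to the storage it actually uses. The commit message should also say what sda3 holds and why tee needs to write to it; the denials themselves only show read, write and open.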