Evolution-x-devices/device_google_wahoo
2
0
Fork 0
mirror of https://github.com/Evolution-X-Devices/device_google_wahoo synced 2026-02-01 07:50:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge "Move hal_bootctl rules to hal_bootctl_default" am: cee6d6db58

Browse Source 
am: 5dc4c280f7

Change-Id: I8f4b6a5f7d654baefe99da94b5dd69a1a8901134
This commit is contained in:
Jeffrey Vander Stoep
2017-11-22 05:01:06 +00:00
committed by android-build-merger
parent aff5731c44 5dc4c280f7
commit 9cac94dbaf
2 changed files with 31 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
sepolicy/vendor/hal_bootctl.te vendored
View File

@@ -1,31 +0,0 @@
# These are the permissions required to use the boot_control HAL implemented
# here: hardware/qcom/bootctrl/boot_control.c
# Getting and setting GPT attributes for the bootloader iterates over all the
# partition names in the block_device directory /dev/block/.../by-name
allow hal_bootctl block_device:dir r_dir_perms;
# Edit the attributes stored in the GPT.
allow hal_bootctl gpt_block_device:blk_file rw_file_perms;
allow hal_bootctl ab_block_device:blk_file getattr;
allow hal_bootctl boot_block_device:blk_file rw_file_perms;
allow hal_bootctl modem_block_device:blk_file getattr;
allow hal_bootctl system_block_device:blk_file getattr;
allow hal_bootctl misc_block_device:blk_file rw_file_perms;
# Access /dev/sgN devices (generic SCSI) to write the
# A/B slot selection for the XBL partition. Allow also to issue a
# UFS_IOCTL_QUERY ioctl.
allow hal_bootctl sg_device:chr_file rw_file_perms;
allow hal_bootctl self:capability sys_admin;
allow hal_bootctl tmpfs:lnk_file r_file_perms;
# Read the sysfs to lookup what /dev/sgN device
# corresponds to the XBL partitions.
allow hal_bootctl sysfs:dir r_dir_perms;
# Write to the XBL devices.
allow hal_bootctl xbl_block_device:blk_file rw_file_perms;
# Expose a socket for brokered boot message access for hal_oemlock.
allow hal_bootctl hal_bootctl_socket:sock_file create_file_perms;

31
sepolicy/vendor/hal_bootctl_default.te vendored Normal file
View File

@@ -0,0 +1,31 @@
# These are the permissions required to use the boot_control HAL implemented
# here: hardware/qcom/bootctrl/boot_control.c
# Getting and setting GPT attributes for the bootloader iterates over all the
# partition names in the block_device directory /dev/block/.../by-name
allow hal_bootctl_default block_device:dir r_dir_perms;
# Edit the attributes stored in the GPT.
allow hal_bootctl_default gpt_block_device:blk_file rw_file_perms;
allow hal_bootctl_default ab_block_device:blk_file getattr;
allow hal_bootctl_default boot_block_device:blk_file rw_file_perms;
allow hal_bootctl_default modem_block_device:blk_file getattr;
allow hal_bootctl_default system_block_device:blk_file getattr;
allow hal_bootctl_default misc_block_device:blk_file rw_file_perms;
# Access /dev/sgN devices (generic SCSI) to write the
# A/B slot selection for the XBL partition. Allow also to issue a
# UFS_IOCTL_QUERY ioctl.
allow hal_bootctl_default sg_device:chr_file rw_file_perms;
allow hal_bootctl_default self:capability sys_admin;
allow hal_bootctl_default tmpfs:lnk_file r_file_perms;
# Read the sysfs to lookup what /dev/sgN device
# corresponds to the XBL partitions.
allow hal_bootctl_default sysfs:dir r_dir_perms;
# Write to the XBL devices.
allow hal_bootctl_default xbl_block_device:blk_file rw_file_perms;
# Expose a socket for brokered boot message access for hal_oemlock.
allow hal_bootctl_default hal_bootctl_socket:sock_file create_file_perms;