diff options
| author | Nikhil Chaturvedi <quic_nchaturv@quicinc.com> | 2023-04-11 18:00:17 -0700 |
|---|---|---|
| committer | Gerrit - the friendly Code Review server <code-review@localhost> | 2023-04-17 14:28:02 -0700 |
| commit | 16df2b50ec0546ee03ea00a6d2a4fe68bd9d3597 (patch) | |
| tree | d7431d0343cea509d6739cdc6acfed3750b6a0a2 | |
| parent | ec98f4bebca9558334013d3cc5fe81b43afad8c6 (diff) | |
sepolicy_vndr:SP data logger entries for filesystem access
Change-Id: I69d9f65f90db19bb6f096f8dc58df83c4e525889
Signed-off-by: Nikhil Chaturvedi <quic_nchaturv@quicinc.com>
| -rw-r--r-- | qva/vendor/common/file.te | 1 | ||||
| -rw-r--r-- | qva/vendor/common/file_contexts | 1 | ||||
| -rw-r--r-- | qva/vendor/common/spdaemon.te | 5 |
3 files changed, 7 insertions, 0 deletions
diff --git a/qva/vendor/common/file.te b/qva/vendor/common/file.te index 6f2767dc..3298198d 100644 --- a/qva/vendor/common/file.te +++ b/qva/vendor/common/file.te @@ -97,6 +97,7 @@ type vendor_qti_data_file, file_type, data_file_type; type vendor_persist_secnvm_file, file_type , vendor_persist_type; type vendor_persist_iar_db_file, file_type , vendor_persist_type; +type vendor_persist_spudc_file, file_type , vendor_persist_type; #mink-lowi-interface-daemon (mlid) socket type vendor_mlid_socket, file_type, mlstrustedobject; diff --git a/qva/vendor/common/file_contexts b/qva/vendor/common/file_contexts index 6aaeae79..69fddb14 100644 --- a/qva/vendor/common/file_contexts +++ b/qva/vendor/common/file_contexts @@ -240,6 +240,7 @@ /mnt/vendor/persist/FTM_AP(/.*)? u:object_r:vendor_persist_mmi_file:s0 /mnt/vendor/persist/vpp(/.*)? u:object_r:vendor_persist_vpp_file:s0 /mnt/vendor/persist/hvdcp_opti(/.*)? u:object_r:vendor_persist_hvdcp_file:s0 +/mnt/vendor/persist/spudc(/.*)? u:object_r:vendor_persist_spudc_file:s0 # spunvm partition /mnt/vendor/spunvm(/.*)? u:object_r:vendor_spunvm_file:s0 diff --git a/qva/vendor/common/spdaemon.te b/qva/vendor/common/spdaemon.te index 3568031c..55541de5 100644 --- a/qva/vendor/common/spdaemon.te +++ b/qva/vendor/common/spdaemon.te @@ -31,6 +31,8 @@ type vendor_spdaemon, domain; type vendor_spdaemon_exec, exec_type, vendor_file_type, file_type; init_daemon_domain(vendor_spdaemon) +binder_call(vendor_spdaemon, servicemanager) +hal_client_domain(vendor_spdaemon, vendor_hal_qms_qti) # Allow access to spss_utils device allow vendor_spdaemon vendor_spss_utils_device:chr_file rw_file_perms; @@ -55,6 +57,9 @@ r_dir_file(vendor_spdaemon, firmware_file); use_vendor_per_mgr(vendor_spdaemon) hal_client_domain(vendor_spdaemon, hal_telephony) +#Allow to access SPU-DC at /mnt/vendor/persist/spudc +allow vendor_spdaemon vendor_persist_spudc_file:dir rw_dir_perms; +allow vendor_spdaemon vendor_persist_spudc_file:file create_file_perms; # Allow to access IAR-DB at /mnt/vendor/persist/iar_db allow vendor_spdaemon vendor_persist_iar_db_file:dir rw_dir_perms; allow vendor_spdaemon vendor_persist_iar_db_file:file create_file_perms; |