diff options
| author | Bill Rassieur <rassb@google.com> | 2019-03-29 04:10:55 +0000 |
|---|---|---|
| committer | Bill Rassieur <rassb@google.com> | 2019-03-29 04:10:55 +0000 |
| commit | 93698a8eba7572c95480053d803c807c4ebab05a (patch) | |
| tree | 856151d6f451a3b5dd7313d215c0e985977baf95 | |
| parent | fca26426cac1464a8eeeb3aa230cce7b15babc93 (diff) | |
| parent | 3eac15fd35bc4e842bd37d3f2c18534e7d24ccc4 (diff) | |
| download | device_generic_trusty-93698a8eba7572c95480053d803c807c4ebab05a.tar.gz device_generic_trusty-93698a8eba7572c95480053d803c807c4ebab05a.tar.bz2 device_generic_trusty-93698a8eba7572c95480053d803c807c4ebab05a.zip | |
Merge master@5406228 into git_qt-dev-plus-aosp.
Change-Id: I214707a72516df72807110d6ffc4d6c89a52f965
BUG: 129345239
| -rw-r--r-- | init.qemu_trusty.rc | 9 | ||||
| -rw-r--r-- | qemu_trusty_base.mk | 1 | ||||
| -rw-r--r-- | sepolicy/file_contexts | 5 | ||||
| -rw-r--r-- | sepolicy/storageproxyd.te | 4 | ||||
| -rw-r--r-- | sepolicy/trusty_test.te | 3 | ||||
| -rw-r--r-- | ueventd.qemu_trusty.rc | 2 |
6 files changed, 20 insertions, 4 deletions
diff --git a/init.qemu_trusty.rc b/init.qemu_trusty.rc index a67cf48..0adfad0 100644 --- a/init.qemu_trusty.rc +++ b/init.qemu_trusty.rc @@ -6,6 +6,9 @@ on early-init on post-fs-data setprop vold.post_fs_data_done 1 +# The storage proxy is a vendor binary, and so cannot access /data/ss + mkdir /data/vendor/ss 700 system system + enable storageproxyd on boot chown root system /sys/power/wake_lock @@ -104,3 +107,9 @@ service bugreport /system/bin/dumpstate -d -p -B \ disabled oneshot keycodes 114 115 116 + +service storageproxyd /vendor/bin/storageproxyd -d /dev/trusty-ipc-dev0 \ + -r /dev/vport3p1 -p /data/vendor/ss -t virt + class main + disabled + user root diff --git a/qemu_trusty_base.mk b/qemu_trusty_base.mk index 87b1bf1..e910048 100644 --- a/qemu_trusty_base.mk +++ b/qemu_trusty_base.mk @@ -74,6 +74,7 @@ PRODUCT_FULL_TREBLE_OVERRIDE := true PRODUCT_COPY_FILES += \ device/generic/qemu/fstab.ranchu:root/fstab.qemu_trusty \ device/generic/trusty/init.qemu_trusty.rc:root/init.qemu_trusty.rc \ + device/generic/trusty/ueventd.qemu_trusty.rc:root/ueventd.qemu_trusty.rc \ PRODUCT_COPY_FILES += \ device/generic/goldfish/data/etc/config.ini:config.ini \ diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index 6e7e8c6..42e1b50 100644 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -1,3 +1,6 @@ -/dev/trusty-ipc-dev0 u:object_r:trusty_ipc_device:s0 +/dev/trusty-ipc-dev0 u:object_r:tee_device:s0 +/dev/vport3p1 u:object_r:rpmb_virt_device:s0 /vendor/bin/dhcpclient u:object_r:dhcpclient_exec:s0 +/vendor/bin/storageproxyd u:object_r:tee_exec:s0 /data/vendor/var/run(/.*)? u:object_r:varrun_file:s0 +/data/vendor/ss(/.*)? u:object_r:tee_data_file:s0 diff --git a/sepolicy/storageproxyd.te b/sepolicy/storageproxyd.te new file mode 100644 index 0000000..578106b --- /dev/null +++ b/sepolicy/storageproxyd.te @@ -0,0 +1,4 @@ +type rpmb_virt_device, dev_type; + +allow tee rpmb_virt_device:chr_file { open read write }; +allow tee self:capability { setgid setuid }; diff --git a/sepolicy/trusty_test.te b/sepolicy/trusty_test.te deleted file mode 100644 index 08d347a..0000000 --- a/sepolicy/trusty_test.te +++ /dev/null @@ -1,3 +0,0 @@ -type trusty_ipc_device, dev_type; - -allow shell trusty_ipc_device:chr_file { open read write ioctl }; diff --git a/ueventd.qemu_trusty.rc b/ueventd.qemu_trusty.rc new file mode 100644 index 0000000..0fd832e --- /dev/null +++ b/ueventd.qemu_trusty.rc @@ -0,0 +1,2 @@ +/dev/vport3p1 0660 system system +/dev/trusty-ipc-dev0 0660 system drmrpc |