diff options
| author | mtk80905 <xiao.liu@mediatek.com> | 2019-11-07 11:29:01 +0800 |
|---|---|---|
| committer | Xiao.Liu <xiao.liu@mediatek.com> | 2019-11-07 15:07:03 +0800 |
| commit | c793f3c90651b1fd483621e5795e41cf91cdf63e (patch) | |
| tree | e5d188ee25ec8aa45dfb791b1af2ac2f37c12e54 | |
| parent | 7b021c62aa51a474e12c59a805f97b27b940e357 (diff) | |
| download | device_mediatek_wembley-sepolicy-c793f3c90651b1fd483621e5795e41cf91cdf63e.tar.gz device_mediatek_wembley-sepolicy-c793f3c90651b1fd483621e5795e41cf91cdf63e.tar.bz2 device_mediatek_wembley-sepolicy-c793f3c90651b1fd483621e5795e41cf91cdf63e.zip | |
[ALPS04752203] Add vendor permission for fastbootd sepolicy enable
Google patch system/sepolicy/private/domain.te
Vendor sepolicy device/mediatek/sepolicy/basic/non_plat/fastbootd.te
Change-Id: I998679ac71c6018fc5f0305226bd73f91fd3f27e
CR-Id: ALPS04752203
Feature: [Android Default] Fastboot
| -rw-r--r-- | non_plat/fastbootd.te | 31 |
1 files changed, 17 insertions, 14 deletions
diff --git a/non_plat/fastbootd.te b/non_plat/fastbootd.te index 9e273ab..0a48fbd 100644 --- a/non_plat/fastbootd.te +++ b/non_plat/fastbootd.te @@ -1,25 +1,28 @@ # fastbootd (used in recovery init.rc for /sbin/fastbootd) -#allow fastbootd { -# bootdevice_block_device +allow fastbootd { + bootdevice_block_device # cache_block_device # logo_block_device -# para_block_device -# }:blk_file { rw_file_perms }; + para_block_device + }:blk_file { rw_file_perms }; + +allow fastbootd { + sysfs_boot_type +}:file { rw_file_perms }; -#allow fastbootd { -# sysfs_boot_type -#}:file { rw_file_perms }; +allow fastbootd self:process setfscreate; +allow fastbootd self:capability sys_rawio; -#allowxperm fastbootd { -# bootdevice_block_device +allowxperm fastbootd { + bootdevice_block_device # cache_block_device # logo_block_device # para_block_device -# }:blk_file ioctl { -# BLKSECDISCARD -# BLKDISCARD -# MMC_IOCTLCMD -# }; + }:blk_file ioctl { + BLKSECDISCARD + BLKDISCARD + MMC_IOCTLCMD + }; |