sepolicy: allow qseecomd to access qsee_ipc_irq_spss device node

Allow qseecomd to access /dev/qsee_ipc_irq_spss, when using libspl.so , for SP-TZ communication. CRs-Fixed: 1064092 Change-Id: I5b2624082479d9f9c346aa6acc0cb2235f2f7a63
author: Amir Samuelov <amirs@codeaurora.org> 2016-09-09 07:24:00 +0300
committer: Gerrit - the friendly Code Review server <code-review@localhost> 2016-09-09 06:29:58 -0700
commit: 33976eddb60185447c86d9b2d63019d0ea244187 (patch)
tree: 0fa2ccaeaa46a88d6cee82e426f56f9c12f729e1
parent: 17cde0630b9bbb849080895fe86fecac99b063ba (diff)
download: android_device_qcom_sepolicy-33976eddb60185447c86d9b2d63019d0ea244187.tar.gz
android_device_qcom_sepolicy-33976eddb60185447c86d9b2d63019d0ea244187.tar.bz2
android_device_qcom_sepolicy-33976eddb60185447c86d9b2d63019d0ea244187.zip
3 files changed, 7 insertions, 1 deletions
diff --git a/common/device.te b/common/device.te
index 266f97ba..f1997642 100644
--- a/common/device.te
+++ b/common/device.te
@@ -101,6 +101,9 @@ type sp_keymaster_device, dev_type;
 # Define cryptoapp device
 type cryptoapp_device, dev_type;
 
+# Define qsee_ipc_irq_spss device
+type qsee_ipc_irq_spss_device, dev_type;
+
 # Define QDSS devices
 type qdss_device, dev_type;
 
diff --git a/common/file_contexts b/common/file_contexts
index f4d41119..534fcec9 100644
--- a/common/file_contexts
+++ b/common/file_contexts
@@ -21,6 +21,7 @@
 /dev/sp_ssr                                     u:object_r:sp_ssr_device:s0
 /dev/sp_keymaster                               u:object_r:sp_keymaster_device:s0
 /dev/cryptoapp                                  u:object_r:cryptoapp_device:s0
+/dev/qsee_ipc_irq_spss                          u:object_r:qsee_ipc_irq_spss_device:s0
 /dev/seemplog                                   u:object_r:seemplog_device:s0
 /dev/radio0                                     u:object_r:fm_radio_device:s0
 /dev/rtc0                                       u:object_r:rtc_device:s0
@@ -347,7 +348,6 @@
 /persist/drm(/.*)?                                                  u:object_r:persist_drm_file:s0
 /persist/sensors(/.*)?                                              u:object_r:sensors_persist_file:s0
 /persist/alarm(/.*)?                                                u:object_r:persist_alarm_file:s0
-/persist/time(/.*)?                                                 u:object_r:persist_time_file:s0
 /persist/data(/.*)?                                                 u:object_r:persist_drm_file:s0
 /persist/data/tz(/.*)?                                              u:object_r:persist_drm_file:s0
 /persist/data/sfs(/.*)?                                             u:object_r:persist_drm_file:s0
diff --git a/common/qseecomd.te b/common/qseecomd.te
index 6f21134b..a2118202 100644
--- a/common/qseecomd.te
+++ b/common/qseecomd.te
@@ -71,6 +71,9 @@ allow tee system_prop:property_service set;
 allow tee qfp-daemon_data_file:dir create_dir_perms;
 allow tee qfp-daemon_data_file:file create_file_perms;
 
+# Allow access to qsee_ipc_irq_spss device
+allow tee qsee_ipc_irq_spss_device:chr_file rw_file_perms;
+
 #allow access to fingerprintd data file
 allow tee fingerprintd_data_file:dir create_dir_perms;
 allow tee fingerprintd_data_file:file create_file_perms;
author	Amir Samuelov <amirs@codeaurora.org>	2016-09-09 07:24:00 +0300
committer	Gerrit - the friendly Code Review server <code-review@localhost>	2016-09-09 06:29:58 -0700
commit	33976eddb60185447c86d9b2d63019d0ea244187 (patch)
tree	0fa2ccaeaa46a88d6cee82e426f56f9c12f729e1
parent	17cde0630b9bbb849080895fe86fecac99b063ba (diff)
download	android_device_qcom_sepolicy-33976eddb60185447c86d9b2d63019d0ea244187.tar.gz android_device_qcom_sepolicy-33976eddb60185447c86d9b2d63019d0ea244187.tar.bz2 android_device_qcom_sepolicy-33976eddb60185447c86d9b2d63019d0ea244187.zip