diff options
| -rw-r--r-- | Android.mk | 1 | ||||
| -rwxr-xr-x | common/device.te | 4 | ||||
| -rw-r--r-- | common/file_contexts | 2 | ||||
| -rwxr-xr-x | common/qfips.te | 7 |
4 files changed, 14 insertions, 0 deletions
@@ -96,6 +96,7 @@ BOARD_SEPOLICY_UNION := \ energyawareness.te \ hbtp.te \ kernel.te \ + qfips.te \ vold.te \ wfdservice.te \ usf.te \ diff --git a/common/device.te b/common/device.te index 88cae3e0..a7ffa966 100755 --- a/common/device.te +++ b/common/device.te @@ -93,6 +93,10 @@ type pta_device, dev_type; type bu21150_device, dev_type; type hbtp_device, dev_type; +#Define qfintverify device +type qce_device, dev_type; +type rng_device, dev_type; + #added for voice device type voice_device, dev_type; diff --git a/common/file_contexts b/common/file_contexts index 9fdf2bb0..10c82619 100644 --- a/common/file_contexts +++ b/common/file_contexts @@ -66,6 +66,8 @@ /dev/coresight-tmc-etr u:object_r:qdss_device:s0 /dev/coresight-tmc-etr-stream u:object_r:qdss_device:s0 /dev/system_health_monitor u:object_r:system_health_monitor_device:s0 +/dev/qce u:object_r:qce_device:s0 +/dev/msm-rng u:object_r:rng_device:s0 ################################### # Dev socket nodes diff --git a/common/qfips.te b/common/qfips.te new file mode 100755 index 00000000..82b9eff6 --- /dev/null +++ b/common/qfips.te @@ -0,0 +1,7 @@ +# add domain for qfintverify, +type qfips, domain; + +domain_trans(init, rootfs, qfips) + +# Allow qfips read/write access to qce and rng devices. +allow qfips {qce_device rng_device}:chr_file rw_file_perms; |