From aee246e0406cdacbaa8f9230f55a6ac6481b665b Mon Sep 17 00:00:00 2001 From: Sampath Kumar Sudi Date: Sun, 27 Aug 2023 22:08:25 -0700 Subject: [PATCH] sepoliy_vndr: Added ipd seplolices Added policies to read ipd driver from /mnt/vendor/ipd/calib/ files Change-Id: I49519dc734bb6fa174724488fdec627ab839f3c1 --- generic/vendor/anorak/genfs_contexts | 4 ++++ qva/vendor/anorak/file.te | 1 + qva/vendor/anorak/init_shell.te | 5 +++++ 3 files changed, 10 insertions(+) diff --git a/generic/vendor/anorak/genfs_contexts b/generic/vendor/anorak/genfs_contexts index 2964a4e0..bfdce6db 100644 --- a/generic/vendor/anorak/genfs_contexts +++ b/generic/vendor/anorak/genfs_contexts @@ -215,3 +215,7 @@ genfscon sysfs /devices/platform/soc/994000.qcom,qup_uart/wakeup u:object_r:sysf genfscon sysfs /devices/platform/soc/3000000.remoteproc-adsp/remoteproc/remoteproc1/3000000.remoteproc-adsp:glink-edge/3000000.remoteproc-adsp:glink-edge.adsp_apps.-1.-1/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/soc/3000000.remoteproc-adsp/remoteproc/remoteproc0/3000000.remoteproc-adsp:glink-edge/3000000.remoteproc-adsp:glink-edge.adsp_apps.-1.-1/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/soc/1c10000.qcom,pcie/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/soc/988000.i2c/i2c-0/0-0010/near_res u:object_r:vendor_sysfs_ipd:s0 +genfscon sysfs /devices/platform/soc/988000.i2c/i2c-0/0-0010/far_res u:object_r:vendor_sysfs_ipd:s0 +genfscon sysfs /devices/platform/soc/988000.i2c/i2c-0/0-0010/near_ipd u:object_r:vendor_sysfs_ipd:s0 +genfscon sysfs /devices/platform/soc/988000.i2c/i2c-0/0-0010/far_ipd u:object_r:vendor_sysfs_ipd:s0 diff --git a/qva/vendor/anorak/file.te b/qva/vendor/anorak/file.te index e4f0934c..37ceccea 100644 --- a/qva/vendor/anorak/file.te +++ b/qva/vendor/anorak/file.te @@ -39,3 +39,4 @@ type vendor_kx_file, file_type, vendor_file_type; #calib file types type vendor_calib_file, file_type, vendor_calib_file_type; allow { vendor_calib_file }self:filesystem associate; +type vendor_sysfs_ipd, sysfs_type, fs_type; diff --git a/qva/vendor/anorak/init_shell.te b/qva/vendor/anorak/init_shell.te index e7a9c7c7..e6f8fec2 100644 --- a/qva/vendor/anorak/init_shell.te +++ b/qva/vendor/anorak/init_shell.te @@ -7,3 +7,8 @@ allow vendor_qti_init_shell configfs:dir rw_dir_perms; allow vendor_qti_init_shell configfs:dir create_dir_perms; allow vendor_qti_init_shell configfs:file rw_file_perms; allow vendor_qti_init_shell configfs:file create_file_perms; + +#============= vendor_qti_init_shell ============== +allow vendor_qti_init_shell vendor_sysfs_ipd:file { write } ; +allow vendor_qti_init_shell vendor_calib_file:dir { getattr search }; +allow vendor_qti_init_shell vendor_calib_file:file { getattr open read };