tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Allow VS to read vendor cfg for assignable devices

Browse source 
Bug: 297313212
Test: add /vendor/etc/avf/assignable_devices.xml and run vm info
Change-Id: I602be057b118ac68a59e6c4f5f7fce17685cd7ae
This commit is contained in:
Inseob Kim 2023-08-30 14:04:24 +09:00
parent 3734f169ca
commit d61618bcb6
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
private/virtualizationservice.te
View file

@ -66,6 +66,9 @@ allow virtualizationservice vfio_device:dir r_dir_perms;
# Allow virtualizationservice to access VM DTBO via a file created by virtualizationmanager.
allow virtualizationservice virtualizationmanager:fd use;
# Allow virtualizationservice to access vendor_configs_file to get the list of assignable devices.
r_dir_file(virtualizationservice, vendor_configs_file)
neverallow {
domain
-init