platform_system_sepolicy/vendor/hal_rebootescrow_default.te
Kenny Root 960f73b75b rebootescrow: allow use of block file
pmem uses a block file while access_ramoops uses a char file. Allow both for
now until we can unify on pmem.

Additionally allow the reading of vendor properties so it can read the
path to the character or block device to open.

Test: atest VtsHalRebootEscrowTargetTest
Bug: 146400078
Change-Id: Ief61534e0946480a01c635ce1672579959ec8db5
2020-01-27 12:28:44 -08:00

10 lines
463 B
Text

type hal_rebootescrow_default, domain;
hal_server_domain(hal_rebootescrow_default, hal_rebootescrow)
get_prop(hal_rebootescrow_default, rebootescrow_hal_prop);
type hal_rebootescrow_default_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(hal_rebootescrow_default)
type rebootescrow_device, dev_type;
allow hal_rebootescrow_default rebootescrow_device:{ chr_file blk_file } rw_file_perms;
allow hal_rebootescrow_default block_device:dir search;