platform_system_sepolicy/vendor/hal_bootctl_default.te
Kelvin Zhang 65d6bf5391 Add proper permission for AIDL bootcontrol server
Bug: 227536004
Test: th
Change-Id: I6aff2742fb23bf7e7ce8d09493f02c4be9262fd3
2022-06-22 13:38:01 -07:00

20 lines
788 B
Text

# Boot control subsystem
type hal_bootctl_default, domain;
hal_server_domain(hal_bootctl_default, hal_bootctl)
type hal_bootctl_default_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(hal_bootctl_default)
# Needed for ReadDefaultFstab.
allow hal_bootctl_default proc_cmdline:file r_file_perms;
allow hal_bootctl_default sysfs_dt_firmware_android:dir search;
allow hal_bootctl_default sysfs_dt_firmware_android:file r_file_perms;
read_fstab(hal_bootctl_default)
# Needed for reading/writing misc partition.
allow hal_bootctl_default block_device:dir search;
allow hal_bootctl_default misc_block_device:blk_file rw_file_perms;
# Needed for writing to kernel log
allow hal_bootctl_default kmsg_device:chr_file open;
allow hal_bootctl_default kmsg_device:chr_file write;