-
Notifications
You must be signed in to change notification settings - Fork 245
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
To let evs_app run normally, these rules are needed. Test done: evs_app can run normally. Tracked-On: OAM-118860 Signed-off-by: jizhenlo <[email protected]>
- Loading branch information
Showing
1 changed file
with
44 additions
and
0 deletions.
There are no files selected for viewing
44 changes: 44 additions & 0 deletions
44
bsp_diff/base_aaos/device/intel/sepolicy/0004-Add-sepolicy-rules-for-evs_app.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
From e1c829258650d7b02ef8beb717c40d7f2b8b4468 Mon Sep 17 00:00:00 2001 | ||
From: jizhenlo <[email protected]> | ||
Date: Wed, 22 May 2024 16:08:28 +0800 | ||
Subject: [PATCH] Add sepolicy rules for evs_app | ||
|
||
To let evs_app run normally, these rules are needed. | ||
|
||
Tracked-On: OAM-118860 | ||
Signed-off-by: jizhenlo <[email protected]> | ||
--- | ||
car/evsmanagerd.te | 1 + | ||
car/file_contexts | 2 ++ | ||
car/hal_graphics_allocator.te | 1 + | ||
3 files changed, 4 insertions(+) | ||
create mode 100644 car/evsmanagerd.te | ||
create mode 100644 car/hal_graphics_allocator.te | ||
|
||
diff --git a/car/evsmanagerd.te b/car/evsmanagerd.te | ||
new file mode 100644 | ||
index 0000000..26534bc | ||
--- /dev/null | ||
+++ b/car/evsmanagerd.te | ||
@@ -0,0 +1 @@ | ||
+allow evsmanagerd hal_graphics_allocator_default_tmpfs:file rw_file_perms; | ||
diff --git a/car/file_contexts b/car/file_contexts | ||
index dfbebfa..26d1317 100644 | ||
--- a/car/file_contexts | ||
+++ b/car/file_contexts | ||
@@ -3,3 +3,5 @@ | ||
|
||
/vendor/bin/hw/android.hardware.broadcastradio@intel-service u:object_r:hal_broadcastradio_default_exec:s0 | ||
/vendor/bin/hw/[email protected] u:object_r:hal_audiocontrol_default_exec:s0 | ||
+ | ||
+/dev/media[0-9]+ u:object_r:video_device:s0 | ||
diff --git a/car/hal_graphics_allocator.te b/car/hal_graphics_allocator.te | ||
new file mode 100644 | ||
index 0000000..3991430 | ||
--- /dev/null | ||
+++ b/car/hal_graphics_allocator.te | ||
@@ -0,0 +1 @@ | ||
+allow { hal_graphics_allocator_client -isolated_app_all } hal_graphics_allocator_default_tmpfs:file rw_file_perms; | ||
-- | ||
2.25.1 | ||
|