From 3746c2f486fefd24905cdac710df0dc84cebc0a3 Mon Sep 17 00:00:00 2001 From: Joshua Blanchard Date: Tue, 8 Dec 2020 19:18:54 -0500 Subject: [PATCH] msm8953-common: sepolicy: Add missing rules for persist_audio_file * Rules for persist_audio_file have been removed for legacy devices. * Instead of labeling "/mnt/vendor/persist/audio", which is the default path for audio calibration, label "/mnt/vendor/persist/factory/audio" as this is where Moto devices store these calibration files anyway. Change-Id: Ic27eb7f713e145a795cfec9de3c684fe9e2fc985 --- sepolicy/vendor/file.te | 1 + sepolicy/vendor/file_contexts | 1 + sepolicy/vendor/hal_audio_default.te | 3 +++ 3 files changed, 5 insertions(+) diff --git a/sepolicy/vendor/file.te b/sepolicy/vendor/file.te index eb88096..cc4d76e 100644 --- a/sepolicy/vendor/file.te +++ b/sepolicy/vendor/file.te @@ -2,6 +2,7 @@ type debugfs_rmts, debugfs_type, fs_type; type debugfs_wlan, debugfs_type, fs_type; type fsg_firmware_file, file_type, contextmount_type, vendor_file_type; type perfd_socket, file_type; +type persist_audio_file, file_type, vendor_persist_type; type persist_camera_file, file_type; type persist_battery_file, file_type; type persist_mdm_file, file_type, vendor_persist_type; diff --git a/sepolicy/vendor/file_contexts b/sepolicy/vendor/file_contexts index 78207db..4689c3c 100644 --- a/sepolicy/vendor/file_contexts +++ b/sepolicy/vendor/file_contexts @@ -12,6 +12,7 @@ # Persist /persist(/.*)? u:object_r:mnt_vendor_file:s0 +/(mnt/vendor/persist|persist)/factory/audio(/.*)? u:object_r:persist_audio_file:s0 /dev/mmi_sys_temp u:object_r:thermal_device:s0 /dev/socket/perfd u:object_r:perfd_socket:s0 diff --git a/sepolicy/vendor/hal_audio_default.te b/sepolicy/vendor/hal_audio_default.te index ee9e403..7387d36 100644 --- a/sepolicy/vendor/hal_audio_default.te +++ b/sepolicy/vendor/hal_audio_default.te @@ -1,4 +1,7 @@ unix_socket_connect(hal_audio_default, perfd, perfd) + +allow hal_audio_default persist_audio_file:dir rw_dir_perms; +allow hal_audio_default persist_audio_file:file create_file_perms; allow hal_audio_default sysfs:dir { open read }; allow hal_audio_default hal_dms_default:binder { transfer call }; allow hal_audio_default hal_dms_hwservice:hwservice_manager find;