sepolicy: basic: non_plat: Seperate Core NFC data from vendor

* Required to pass new SEPolicy tests. Signed-off-by: bengris32 <bengris32@protonmail.ch> Change-Id: I9d137c9e156692b798161afae7e61b604d839cda
2022-08-31 10:05:28 +01:00 · 2022-08-31 10:05:28 +01:00 · 2e9c05d5e0
commit 2e9c05d5e0
parent 05133df612
3 changed files with 4 additions and 5 deletions
--- a/basic/non_plat/file.te
+++ b/basic/non_plat/file.te
@ -436,6 +436,7 @@ type cct_data_file, file_type, data_file_type;
 type mediaserver_data_file, file_type, data_file_type;
 type mediacodec_data_file, file_type, data_file_type;
 type connsyslog_data_vendor_file, file_type, data_file_type;
 type nfc_data_vendor_file, file_type, data_file_type;
 # AAO
 type data_vendor_aao_file, file_type, data_file_type;
--- a/basic/non_plat/file_contexts
+++ b/basic/non_plat/file_contexts
@ -25,7 +25,7 @@
 /data/mdl(/.*)?                     u:object_r:mdlog_data_file:s0
 /data/mdl3(/.*)?                    u:object_r:mdlog_data_file:s0
 /data/nfc(/.*)?                     u:object_r:nfc_data_file:s0
-/data/vendor/nfc(/.*)?                     u:object_r:nfc_data_file:s0
+/data/vendor/nfc(/.*)?              u:object_r:nfc_data_vendor_file:s0
 /data/nfc_socket(/.*)?              u:object_r:nfc_socket_file:s0
 /data/vendor/nfc_socket(/.*)?       u:object_r:vendor_nfc_socket_file:s0
 /data/vendor/md3(/.*)?              u:object_r:c2k_file:s0
--- a/basic/non_plat/hal_nfc_default.te
+++ b/basic/non_plat/hal_nfc_default.te
@ -1,4 +1,2 @@
-typeattribute hal_nfc_default data_between_core_and_vendor_violators;
+allow hal_nfc_default nfc_data_vendor_file:dir rw_dir_perms;
-
+allow hal_nfc_default nfc_data_vendor_file:file { create_file_perms rw_file_perms };
 allow hal_nfc_default nfc_data_file:dir rw_dir_perms;
 allow hal_nfc_default nfc_data_file:file { create_file_perms rw_file_perms };