diff --git a/non_plat/device.te b/non_plat/device.te index ffd225d..6375965 100644 --- a/non_plat/device.te +++ b/non_plat/device.te @@ -276,6 +276,7 @@ type dri_device, dev_type, mlstrustedobject; # TEE type teei_fp_device, dev_type; type teei_rpmb_device, dev_type; +type teei_config_device, dev_type; type teei_vfs_device, dev_type; type teei_client_device, dev_type; diff --git a/non_plat/file_contexts b/non_plat/file_contexts index 28048d0..6eaee6f 100644 --- a/non_plat/file_contexts +++ b/non_plat/file_contexts @@ -699,6 +699,7 @@ /dev/tz_vfs u:object_r:teei_vfs_device:s0 /dev/tee0 u:object_r:teei_client_device:s0 /dev/teei_client u:object_r:teei_client_device:s0 +/dev/teei_config u:object_r:teei_config_device:s0 /data/vendor/thh(/.*)? u:object_r:vendor_teei_data_file:s0 diff --git a/non_plat/tee.te b/non_plat/tee.te index b3d6428..0d3b25e 100644 --- a/non_plat/tee.te +++ b/non_plat/tee.te @@ -9,5 +9,6 @@ allow tee vendor_teei_data_file:dir create_dir_perms; allow tee vendor_teei_data_file:file create_file_perms; allow tee teei_client_device:chr_file { create setattr unlink rw_file_perms };; +allow tee teei_config_device:chr_file rw_file_perms; allow tee property_socket:sock_file write;