NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
android_device_mediatek_sep.../non_plat/tee.te
Aayush Gupta 22380a4614 non_plat: Label /dev/tee* and grant required perms to domains 
/dev/tee* are accessed by domains that interact with TEE and thus
require access to them too.

Test: Boot and observe that denials are not visible in logs anymore

Signed-off-by: Aayush Gupta <aayushgupta219@gmail.com>
Change-Id: I7b0944a1063da8561d2928e4110674ce4845ecea
2020-12-30 17:00:34 +05:30

12 lines
412 B
Plaintext
Raw Blame History

allow tee ut_keymaster_device:chr_file rw_file_perms;
allow tee teei_rpmb_device:chr_file rw_file_perms;
allow tee teei_rpmb_device:blk_file { read write ioctl open };
allow tee teei_vfs_device:chr_file rw_file_perms;
allow tee vendor_teei_data_file:dir create_dir_perms;
allow tee vendor_teei_data_file:file create_file_perms;
allow tee teei_client_device:chr_file { create setattr unlink rw_file_perms };;
Reference in New Issue View Git Blame Copy Permalink