2e08559c2b
TEE stores its file in /data/vendor/thh/. Allow it required permissions
to do so.
Denials observed without this change:
12-28 16:42:11.556 416 416 I teei_daemon: type=1400 audit(0.0:394): avc: denied { open } for path="/data/vendor/thh/7778c03fc30c4dd0a319ea29643d4d4b." dev="sdc46" ino=2490455 scontext=u:r:tee:s0 tcontext=u:object_r:vendor_data_file:s0 tclass=dir permissive=1
Test: Boot and notice that denials have resolved
Signed-off-by: Aayush Gupta <aayushgupta219@gmail.com>
Change-Id: I1a608ebac628c8ce9c35ece1566e049236321a4b
10 lines
331 B
Plaintext
10 lines
331 B
Plaintext
allow tee ut_keymaster_device:chr_file rw_file_perms;
|
|
|
|
allow tee teei_rpmb_device:chr_file rw_file_perms;
|
|
allow tee teei_rpmb_device:blk_file { read write ioctl open };
|
|
|
|
allow tee teei_vfs_device:chr_file rw_file_perms;
|
|
|
|
allow tee vendor_teei_data_file:dir create_dir_perms;
|
|
allow tee vendor_teei_data_file:file create_file_perms;
|