Merge "Storage: add selinux for ufs firmware upgrade event" into main

commit: 90f357aa8df2d7cf3f9f9f40b363729bed4700c7 [log] [tgz]
author: Treehugger Robot <android-test-infra-autosubmit@system.gserviceaccount.com> Tue Sep 03 03:36:51 2024 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> Tue Sep 03 03:36:51 2024 +0000
tree: e5096a511e7e21852345aa454003abcf860de0ef
parent: 4c672d13c9706c694aaa0a32c5bc07742a7845d7 [diff]
parent: 0f4a0bb8a2ef14874c4502720b3102548258b161 [diff]
diff --git a/storage/sepolicy/ufs_firmware_update.te b/storage/sepolicy/ufs_firmware_update.te
new file mode 100644
index 0000000..1b92976
--- /dev/null
+++ b/storage/sepolicy/ufs_firmware_update.te

@@ -0,0 +1,9 @@
+# support ufs ffu via ota
+init_daemon_domain(ufs_firmware_update)
+
+# support ufs ffu via ota
+allow ufs_firmware_update vendor_toolbox_exec:file execute_no_trans;
+allow ufs_firmware_update block_device:dir { search };
+allow ufs_firmware_update ufs_internal_block_device:blk_file rw_file_perms;
+allow ufs_firmware_update sysfs_scsi_devices_0000:file r_file_perms;
+
commit	90f357aa8df2d7cf3f9f9f40b363729bed4700c7	[log] [tgz]
author	Treehugger Robot <android-test-infra-autosubmit@system.gserviceaccount.com>	Tue Sep 03 03:36:51 2024 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	Tue Sep 03 03:36:51 2024 +0000
tree	e5096a511e7e21852345aa454003abcf860de0ef
parent	4c672d13c9706c694aaa0a32c5bc07742a7845d7 [diff]
parent	0f4a0bb8a2ef14874c4502720b3102548258b161 [diff]