Add permission for VFIO device binding vfio_handler will bind platform devices to VFIO driver, and then return a file descriptor containing DTBO. This change adds permissions needed for that. Bug: 278008182 Test: adb shell /apex/com.android.virt/bin/vm run-microdroid \ --devices /sys/bus/platform/devices/16d00000.eh --protected Change-Id: Ie947adff00d138426d4703cbb8e7a8cd429c2272

commit: 825056de9ab6c5d8231cd0039e12280eb5b0ea10 [log] [tgz]
author: Inseob Kim <inseob@google.com> Tue Aug 01 11:00:49 2023 +0900
committer: Inseob Kim <inseob@google.com> Wed Aug 02 15:06:51 2023 +0900
tree: 8ce24eec819e35e1c672917763818613e0f509c7
parent: d7d3609af7530d260b4b461b82630535ef533e41 [diff] [blame]
diff --git a/private/file_contexts b/private/file_contexts
index 0bae96e..c2a6269 100644
--- a/private/file_contexts
+++ b/private/file_contexts

@@ -190,6 +190,7 @@
 /dev/urandom		u:object_r:random_device:s0
 /dev/usb_accessory	u:object_r:usbaccessory_device:s0
 /dev/v4l-touch[0-9]*	u:object_r:input_device:s0
+/dev/vfio(/.*)?		u:object_r:vfio_device:s0
 /dev/vhost-vsock	u:object_r:kvm_device:s0
 /dev/video[0-9]*	u:object_r:video_device:s0
 /dev/vndbinder		u:object_r:vndbinder_device:s0
commit	825056de9ab6c5d8231cd0039e12280eb5b0ea10	[log] [tgz]
author	Inseob Kim <inseob@google.com>	Tue Aug 01 11:00:49 2023 +0900
committer	Inseob Kim <inseob@google.com>	Wed Aug 02 15:06:51 2023 +0900
tree	8ce24eec819e35e1c672917763818613e0f509c7
parent	d7d3609af7530d260b4b461b82630535ef533e41 [diff] [blame]