Allow VS to read vendor cfg for assignable devices Bug: 297313212 Test: add /vendor/etc/avf/assignable_devices.xml and run vm info Change-Id: I602be057b118ac68a59e6c4f5f7fce17685cd7ae

commit: d61618bcb6ec97fb187ce9db088dc25cd93c17fe [log] [tgz]
author: Inseob Kim <inseob@google.com> Wed Aug 30 14:04:24 2023 +0900
committer: Inseob Kim <inseob@google.com> Wed Aug 30 14:14:51 2023 +0900
tree: 1d346dd932dfd0dad6428c5239b9a94ce550a27c
parent: 3734f169cac5200908f2fa5790e744705d9b1c41 [diff]
diff --git a/private/virtualizationservice.te b/private/virtualizationservice.te
index 14662fa..c11fac5 100644
--- a/private/virtualizationservice.te
+++ b/private/virtualizationservice.te

@@ -66,6 +66,9 @@
 # Allow virtualizationservice to access VM DTBO via a file created by virtualizationmanager.
 allow virtualizationservice virtualizationmanager:fd use;
 
+# Allow virtualizationservice to access vendor_configs_file to get the list of assignable devices.
+r_dir_file(virtualizationservice, vendor_configs_file)
+
 neverallow {
   domain
   -init
commit	d61618bcb6ec97fb187ce9db088dc25cd93c17fe	[log] [tgz]
author	Inseob Kim <inseob@google.com>	Wed Aug 30 14:04:24 2023 +0900
committer	Inseob Kim <inseob@google.com>	Wed Aug 30 14:14:51 2023 +0900
tree	1d346dd932dfd0dad6428c5239b9a94ce550a27c
parent	3734f169cac5200908f2fa5790e744705d9b1c41 [diff]