| commit | ea3e08d53ddd1a71ab34166fe7ff842d1e46bccd | [log] [tgz] |
|---|---|---|
| author | Jaewan Kim <jaewan@google.com> | Mon Jun 17 09:29:05 2024 +0000 |
| committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | Wed Jun 19 01:06:25 2024 +0000 |
| tree | 40e4cba9b85477a9bce4ba01f135fb932349ea59 | |
| parent | cd0a00b7c485688298efc322630cd7d19235767b [diff] |
Allow shell to read AVF DT nodes Hostside test needs to check existence of /proc/device-tree/avf/guest to check whether AVF debug policy is installed. Bug: 345118393 Test: Verified manually on tangorpro-user (cherry picked from https://android-review.googlesource.com/q/commit:168e04da79db850714afd018a6e88da983c89579) Merged-In: I33d6bd1bd7c5513395f162e2bcbbfd15c1b80bcd Change-Id: I33d6bd1bd7c5513395f162e2bcbbfd15c1b80bcd
diff --git a/private/shell.te b/private/shell.te index 263db8c..e421ec6 100644 --- a/private/shell.te +++ b/private/shell.te
@@ -436,6 +436,9 @@ allowxperm shell vmlauncher_app_devpts:chr_file ioctl unpriv_tty_ioctls; ') +# Allow CTS to check whether AVF debug policy is installed +allow shell { proc_dt_avf sysfs_dt_avf }:dir search; + # Allow access to ion memory allocation device. allow shell ion_device:chr_file rw_file_perms;