diff options
Diffstat (limited to 'sepolicy/hal_fingerprint_default.te')
| -rw-r--r-- | sepolicy/hal_fingerprint_default.te | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/sepolicy/hal_fingerprint_default.te b/sepolicy/hal_fingerprint_default.te new file mode 100644 index 0000000..8749fe8 --- /dev/null +++ b/sepolicy/hal_fingerprint_default.te @@ -0,0 +1,19 @@ +r_dir_file(hal_fingerprint_default, firmware_file) +allow hal_fingerprint_default tee_device:chr_file ioctl; +allow hal_fingerprint_default sysfs:file write; +allow hal_fingerprint_default fpc_data_file:dir rw_dir_perms; +allow hal_fingerprint_default fpc_data_file:sock_file { create unlink setattr }; +allow hal_fingerprint_default fpc_images_file:dir rw_dir_perms; +allow hal_fingerprint_default fpc_images_file:file create_file_perms; +allow hal_fingerprint_default sysfs_fpc_irq:file rw_file_perms; +allow hal_fingerprint_default tee_device:chr_file rw_file_perms; +allow hal_fingerprint_default firmware_file:dir { search read }; +allow hal_fingerprint_default firmware_file:file { read open }; +allow hal_fingerprint_default system_data_file:dir write; +allow hal_fingerprint_default system_data_file:dir add_name; +allow hal_fingerprint_default system_data_file:dir create; +allow hal_fingerprint_default system_data_file:sock_file create; +allow hal_fingerprint_default system_data_file:dir read; +allow hal_fingerprint_default system_data_file:sock_file setattr; +allow hal_fingerprint_default system_data_file:dir { open remove_name }; +allow hal_fingerprint_default system_data_file:sock_file unlink; |