android/device_phh_treble
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

WIP continue on ota

Browse Source
This commit is contained in:
Pierre-Hugues Husson 2022-02-01 19:22:27 -05:00
parent 59a5f1a447
commit 089dcc7bc0
2 changed files with 15 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ota/phh-ota.cpp
View File

@ -75,10 +75,11 @@ int main(int argc, char **argv) {
}
unlink("/dev/phh-ota");
mknod("/dev/phh-ota", 0644, S_IFBLK | makedev(major(sb.st_rdev), minor(sb.st_rdev)));
mknod("/dev/phh-ota", 0664 | S_IFBLK, makedev(major(sb.st_rdev), minor(sb.st_rdev)));
chmod("/dev/phh-ota", 0664);
// Allow system uid to write there
chown("/dev/phh-ota", 0, 1000);
const char *dstContext = "u:r:phhota_dev:s0";
const char *dstContext = "u:object_r:phhota_dev:s0";
setxattr("/dev/phh-ota", "security.selinux", dstContext, strlen(dstContext), 0);
return 0;

12
sepolicy/phh.te
View File

@ -3,3 +3,15 @@ typeattribute phhota_dev mlstrustedobject;
allow phhsu_daemon phhota_dev:blk_file rw_file_perms;
allow system_app phhota_dev:blk_file rw_file_perms;
allow kernel phhsu_daemon:fd use;
allow phhsu_daemon gsi_data_file:file ioctl;
allowxperm phhsu_daemon gsi_data_file:file ioctl { 0x660b };
allow phhsu_daemon loop_device:blk_file ioctl;
allowxperm phhsu_daemon loop_device:blk_file ioctl { 0x4c00 };
allow phhsu_daemon userdata_block_device:blk_file ioctl;
allowxperm phhsu_daemon userdata_block_device:blk_file ioctl { 0x1278 };
allow kernel gsi_data_file:file rw_file_perms;