Google Git
Sign in
android / device / google / cuttlefish / 0771c6f^! / .
commit0771c6f25a4fc0731118287ee5c9f80ab2bcd0cf[log] [tgz]
authorAlistair Delva <adelva@google.com>Fri Dec 27 12:13:44 2019 -0800
committerAlistair Delva <adelva@google.com>Fri Dec 27 22:31:45 2019 +0000
tree4f14a1ce4ee02ebe63b2788f2c62eb862d71c62a
parent3d7531b0b3c1bb36ee700dbe617881b7614b77c7 [diff]
Fix sepolicy for -gpu_mode=drm_virgl

Allows us to use launch_cvd with "-gpu_mode=drm_virgl" without disabling
guest sepolicy enforcement again. This breakage was caused by device
assignments changing in newer crosvm builds and an update to
drm_hwcomposer.

Bug: 128842306
Change-Id: Icf3524a58413dc64a2711f6a30a545aed87971b4
Merged-In: Icf3524a58413dc64a2711f6a30a545aed87971b4

diff --git a/shared/sepolicy/vendor/genfs_contexts b/shared/sepolicy/vendor/genfs_contexts
index 9250d73..dc586f5 100644
--- a/shared/sepolicy/vendor/genfs_contexts
+++ b/shared/sepolicy/vendor/genfs_contexts

@@ -6,20 +6,12 @@
 genfscon sysfs /devices/platform/rtc-test.1/rtc/rtc1/wakeup1  u:object_r:sysfs_wakeup:s0
 genfscon sysfs /devices/platform/rtc-test.1/wakeup/wakeup0  u:object_r:sysfs_wakeup:s0
 genfscon sysfs /devices/platform/rtc-test.2/wakeup/wakeup2 u:object_r:sysfs_wakeup:s0
-genfscon sysfs /devices/pci0000:00/0000:00:04.0/virtio2/net u:object_r:sysfs_net:s0 # (new) qemu composite buried_eth0 & wlan0
-genfscon sysfs /devices/pci0000:00/0000:00:05.0/virtio3/net u:object_r:sysfs_net:s0 # (new) qemu composite rmnet0
-genfscon sysfs /devices/pci0000:00/0000:00:06.0/virtio5/net u:object_r:sysfs_net:s0 # (new) crosvm composite buried_eth0 & wlan0
-genfscon sysfs /devices/pci0000:00/0000:00:07.0/virtio6/net u:object_r:sysfs_net:s0 # (new) crosvm composite rmnet0
-genfscon sysfs /devices/pci0000:00/0000:00:07.0/virtio5/net u:object_r:sysfs_net:s0 # (new) qemu buried_eth0 & wlan0
-genfscon sysfs /devices/pci0000:00/0000:00:08.0/virtio6/net u:object_r:sysfs_net:s0 # (new) qemu rmnet0
-genfscon sysfs /devices/pci0000:00/0000:00:09.0/virtio8/net u:object_r:sysfs_net:s0 # (new) crosvm buried_eth0 & wlan0
-genfscon sysfs /devices/pci0000:00/0000:00:0a.0/virtio9/net u:object_r:sysfs_net:s0 # (new) crosvm rmnet0
-genfscon sysfs /devices/pci0000:00/0000:00:09.0/virtio7/net u:object_r:sysfs_net:s0 # (old) qemu buried_eth0 & wlan0
-genfscon sysfs /devices/pci0000:00/0000:00:0a.0/virtio8/net u:object_r:sysfs_net:s0 # (old) qemu rmnet0
-genfscon sysfs /devices/pci0000:00/0000:00:0b.0/virtio10/net u:object_r:sysfs_net:s0 # (old) crosvm buried_eth0 & wlan0
-genfscon sysfs /devices/pci0000:00/0000:00:0c.0/virtio11/net u:object_r:sysfs_net:s0 # (old) crosvm rmnet0
-genfscon sysfs /devices/pci0000:00/0000:00:0b.0/device u:object_r:sysfs_gpu:s0
-genfscon sysfs /devices/pci0000:00/0000:00:0b.0/subsystem_device u:object_r:sysfs_gpu:s0
-genfscon sysfs /devices/pci0000:00/0000:00:0b.0/subsystem_vendor u:object_r:sysfs_gpu:s0
-genfscon sysfs /devices/pci0000:00/0000:00:0b.0/uevent u:object_r:sysfs_gpu:s0
-genfscon sysfs /devices/pci0000:00/0000:00:0b.0/vendor u:object_r:sysfs_gpu:s0
+genfscon sysfs /devices/pci0000:00/0000:00:04.0/virtio2/net u:object_r:sysfs_net:s0 # qemu buried_eth0 & wlan0
+genfscon sysfs /devices/pci0000:00/0000:00:05.0/virtio3/net u:object_r:sysfs_net:s0 # qemu rmnet0
+genfscon sysfs /devices/pci0000:00/0000:00:06.0/virtio5/net u:object_r:sysfs_net:s0 # crosvm buried_eth0 & wlan0
+genfscon sysfs /devices/pci0000:00/0000:00:07.0/virtio6/net u:object_r:sysfs_net:s0 # crosvm rmnet0
+genfscon sysfs /devices/pci0000:00/0000:00:09.0/device u:object_r:sysfs_gpu:s0
+genfscon sysfs /devices/pci0000:00/0000:00:09.0/subsystem_device u:object_r:sysfs_gpu:s0
+genfscon sysfs /devices/pci0000:00/0000:00:09.0/subsystem_vendor u:object_r:sysfs_gpu:s0
+genfscon sysfs /devices/pci0000:00/0000:00:09.0/uevent u:object_r:sysfs_gpu:s0
+genfscon sysfs /devices/pci0000:00/0000:00:09.0/vendor u:object_r:sysfs_gpu:s0

diff --git a/shared/sepolicy/vendor/property_contexts b/shared/sepolicy/vendor/property_contexts
index ac64ad9..12abbe1 100644
--- a/shared/sepolicy/vendor/property_contexts
+++ b/shared/sepolicy/vendor/property_contexts

@@ -21,4 +21,5 @@
 vendor.vsock_logcat_status  u:object_r:vsock_logcat_status_prop:s0
 hwc.drm.device u:object_r:cf_graphics_config_prop:s0 exact string
 hwc.drm.exclude_non_hwfb_imports u:object_r:cf_graphics_config_prop:s0 exact int
+hwc.drm.primary_display_order u:object_r:cf_graphics_config_prop:s0 exact string
 hwc.drm.use_overlay_planes u:object_r:cf_graphics_config_prop:s0 exact int