Home | History | Annotate | Download | only in sepolicy 
      1 # secure-os storage-daemon
      2 
      3 allow tee self:capability { setuid setgid sys_rawio };
      4 
      5 # secure os communication
      6 # in global tee.te
      7 
      8 # rpmb operations
      9 allow tee block_device:dir { search };
     10 allow tee mmc_rpmb_block_device:blk_file rw_file_perms;
     11 
     12 # data
     13 allow tee tee_data_file:dir create_dir_perms;
     14 # create files -- in global tee.te
     15