From 7a7c67f73abde816716d124926656205eee48c1a Mon Sep 17 00:00:00 2001
From: Ahmed Harhash <email@lacentix.me>
Date: Thu, 2 Jun 2022 23:22:14 +0200
Subject: [PATCH 1/2] avicii: sepolicy: Allow update_engine to search for
 firmware partitions

---
 sepolicy/vendor/hal_bootctl_default.te |  1 +
 sepolicy/vendor/update_engine.te       | 10 ++++++++++
 2 files changed, 11 insertions(+)
 create mode 100644 sepolicy/vendor/hal_bootctl_default.te
 create mode 100644 sepolicy/vendor/update_engine.te

diff --git a/sepolicy/vendor/hal_bootctl_default.te b/sepolicy/vendor/hal_bootctl_default.te
new file mode 100644
index 0000000..84d58d3
--- /dev/null
+++ b/sepolicy/vendor/hal_bootctl_default.te
@@ -0,0 +1 @@
+allow hal_bootctl_default uefi_block_device:blk_file getattr;
diff --git a/sepolicy/vendor/update_engine.te b/sepolicy/vendor/update_engine.te
new file mode 100644
index 0000000..293fe18
--- /dev/null
+++ b/sepolicy/vendor/update_engine.te
@@ -0,0 +1,10 @@
+allow update_engine {
+    firmware_file
+    bt_firmware_file
+    }:filesystem getattr;
+
+allow update_engine {
+    adsprpcd_file
+    firmware_file
+    metadata_file
+}:dir search;
-- 
GitLab


From 10917939e821fc3549311041c2df47d0a89adc98 Mon Sep 17 00:00:00 2001
From: Ahmed Harhash <email@lacentix.me>
Date: Thu, 2 Jun 2022 23:33:55 +0200
Subject: [PATCH 2/2] avicii: sepolicy: Remove extra spaces

---
 sepolicy/vendor/update_engine.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sepolicy/vendor/update_engine.te b/sepolicy/vendor/update_engine.te
index 293fe18..29464bb 100644
--- a/sepolicy/vendor/update_engine.te
+++ b/sepolicy/vendor/update_engine.te
@@ -1,7 +1,7 @@
 allow update_engine {
     firmware_file
     bt_firmware_file
-    }:filesystem getattr;
+}:filesystem getattr;
 
 allow update_engine {
     adsprpcd_file
-- 
GitLab