init: allow access to /config for USB setup
Addresses:
avc: denied { write } for name="usb_gadget" dev="configfs" ino=3140 scontext=u:r:init:s0 tcontext=u:object_r:configfs:s0 tclass=dir
avc: denied { add_name } for name="g1" scontext=u:r:init:s0 tcontext=u:object_r:configfs:s0 tclass=dir
avc: denied { create } for name="g1" scontext=u:r:init:s0 tcontext=u:object_r:configfs:s0 tclass=dir
avc: denied { write } for name="idVendor" dev="configfs" ino=5136 scontext=u:r:init:s0 tcontext=u:object_r:configfs:s0 tclass=file
avc: denied { create } for name="b.1" scontext=u:r:init:s0 tcontext=u:object_r:configfs:s0 tclass=lnk_file
avc: denied { create } for name="f1" scontext=u:r:init:s0 tcontext=u:object_r:configfs:s0 tclass=lnk_file
Bug: 26904332
Change-Id: Ic9ca1730c6428f430639618caf9443f42f948e86
diff --git a/sepolicy/init.te b/sepolicy/init.te
new file mode 100644
index 0000000..cd0bcac
--- /dev/null
+++ b/sepolicy/init.te
@@ -0,0 +1,4 @@
+# init.hikey.usb.rc writes to /config/* to set up USB
+allow init configfs:dir create_file_perms;
+allow init configfs:file write;
+allow init configfs:lnk_file create;