Hello,
I created a kernel module called devtest that gets built into the kernel. And, I've written a native application to communicate with it via ioctl calls that I push onto my phone to run. I've also modified init.rc to change the owner of my dev file to system rather than root. But, I still have to set sepolicy to permissive to be able to communicate with my dev file. I tried writing rules to allow me to communicate with my modules but they didn't seem to work.
I created a folder called test under device/google/wahoo/sepolicy/ and called it test, then I added this into my BoardConfig.mk with "BOARD_SEPOLICY_DIRS += device/google/wahoo/sepolicy/test"
My file_contexts looks like this:
/dev/devtest u:object_r:test_device:s0
and my test.te looks like
type test_device, dev_type;
type test_domain, domain;
allow test_domain test_device:chr_file { read write getattr ioctl open create append };
Is there anything I am missing?
Thanks