msm8996-common: sepolicy: solve vendor_init denials

Solves the following denials. denied { search } for pid=546 comm="init" name="dpm" dev="sda17" ino=1204225 scontext=u:r:vendor_init:s0 tcontext=u:object_r:dpmd_data_file:s0 tclass=dir permissive=0 denied { search } for pid=546 comm="init" name="thermal" dev="sda17" ino=3325953 scontext=u:r:vendor_init:s0 tcontext=u:object_r:thermal_data_file:s0 tclass=dir permissive=0 denied { search } for pid=546 comm="init" name="thermal" dev="sda17" ino=3325953 scontext=u:r:vendor_init:s0 tcontext=u:object_r:thermal_data_file:s0 tclass=dir permissive=0 denied { setattr } for pid=546 comm="init" name="camera" dev="sda17" ino=3121215 scontext=u:r:vendor_init:s0 tcontext=u:object_r:camera_data_file:s0 tclass=dir permissive=0 Change-Id: I824f7c27c9f93630ba7b65252609777197e3a682
author: Demon Singur <demonsingur@gmail.com> 2018-09-18 08:02:13 +0000
committer: Davide Garberi <dade.garberi@gmail.com> 2018-09-25 15:22:21 +0200
commit: 56066c828c0a67c76eea50ad032e8fc68dfc1b24 (patch)
tree: 23bcfb5cf41761f7a3d32627a916c4fe50253bc9
parent: c9c3d70a4614afc61787edc093ca5fec06ba77eb (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/sepolicy/vendor_init.te b/sepolicy/vendor_init.te
index e921f9c..f4404cf 100644
--- a/sepolicy/vendor_init.te
+++ b/sepolicy/vendor_init.te
@@ -1 +1,11 @@
+typeattribute vendor_init data_between_core_and_vendor_violators;
 allow vendor_init proc_kernel_sched:file write;
+
+allow vendor_init {
+    camera_data_file
+    cnd_data_file
+#   dpmd_data_file
+    fpc_data_file
+    thermal_data_file
+    tombstone_data_file
+}:dir create_dir_perms;
author	Demon Singur <demonsingur@gmail.com>	2018-09-18 08:02:13 +0000
committer	Davide Garberi <dade.garberi@gmail.com>	2018-09-25 15:22:21 +0200
commit	56066c828c0a67c76eea50ad032e8fc68dfc1b24 (patch)
tree	23bcfb5cf41761f7a3d32627a916c4fe50253bc9
parent	c9c3d70a4614afc61787edc093ca5fec06ba77eb (diff)