aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorontherunvaro <alvaro.brv@gmail.com>2017-02-16 23:02:32 +0100
committerdavidevinavil <davidevinavil@gmail.com>2017-04-07 13:19:04 +0200
commit0bd113d3c9da1923f411f4b763a80f6eee9e711e (patch)
treec9d91e45fe249cc9db2e2bb31325594736cba0e2
parent813f91814057873ec51369fbc0b4c2ad56e67c95 (diff)
sepolicy: address some denials
Diffstat
-rw-r--r--sepolicy/fingerprintd.te2
-rw-r--r--sepolicy/ims.te1
-rw-r--r--sepolicy/thermal-engine.te1
3 files changed, 3 insertions, 1 deletions
diff --git a/sepolicy/fingerprintd.te b/sepolicy/fingerprintd.te
index f82389a..b505659 100644
--- a/sepolicy/fingerprintd.te
+++ b/sepolicy/fingerprintd.te
@@ -1,7 +1,7 @@
r_dir_file(fingerprintd, firmware_file)
r_dir_file(fingerprintd, proc_touchpanel)
allow fingerprintd fpc_data_file:dir rw_dir_perms;
-allow fingerprintd fpc_data_file:sock_file { create unlink };
+allow fingerprintd fpc_data_file:sock_file { create unlink setattr };
allow fingerprintd fpc_images_file:dir rw_dir_perms;
allow fingerprintd fpc_images_file:file create_file_perms;
allow fingerprintd sysfs_fpc_irq:file rw_file_perms;
diff --git a/sepolicy/ims.te b/sepolicy/ims.te
index 6269bab..472504a 100644
--- a/sepolicy/ims.te
+++ b/sepolicy/ims.te
@@ -1,2 +1,3 @@
allow ims diag_prop:property_service set;
+allow ims self:capability net_raw;
get_prop(ims, diag_prop);
diff --git a/sepolicy/thermal-engine.te b/sepolicy/thermal-engine.te
index 596fb92..af4785d 100644
--- a/sepolicy/thermal-engine.te
+++ b/sepolicy/thermal-engine.te
@@ -3,3 +3,4 @@ type_transition thermal-engine system_data_file:file thermal_data_file "decrypt.
allow thermal-engine sysfs_kgsl:file r_file_perms;
allow thermal-engine system_data_file:dir w_dir_perms;
allow thermal-engine thermal_data_file:file create_file_perms;
+allow thermal-engine sysfs_usb_supply:dir search;
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-19 23:29:39 +0000