msm8996-common: Grant system_server access to idc and keylayot dirs

system_server is configured to access idc and keylayout files in /vendor/usr/idc and /vendor/usr/keylayout. This explicitly grants this access to system_server, instead of relying on overly broad access granted by hal_client_domain(system_server, ...) macros which is no longer going to grant this overly broad access soon. Test: Modify hal_client_domain to no longer associate hal_x_client with hal_x, observe that there are no violations form system_server trying to read /vendor/usr/idc and /vendor/usr/keylayouts. Bug: 37160141 Change-Id: I136df8713f2f9ff03096e5f6cf35e3e804733040
author: Alex Klyubin <klyubin@google.com> 2017-04-07 17:50:14 -0700
committer: Cosme Domínguez Díaz <cosme.ddiaz@gmail.com> 2018-03-23 22:45:33 +0100
commit: e44dd6e62ca4c28d81a195f59eec1e1c3543c4ec (patch)
tree: 00fe55ded6b889a5ff5ff77af757bd46b3738c5e /sepolicy/file_contexts
parent: 9c54344745a9d4570f58098aeb8aff6e9bbb6460 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index b084443..3b549c0 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -34,3 +34,7 @@
 
 # audio amplifier
 /dev/tfa9890 							u:object_r:audio_device:s0
+
+# Misc files on /vendor
+/vendor/usr/idc(/.*)?                                           u:object_r:idc_file:s0
+/vendor/usr/keylayout(/.*)?                                     u:object_r:keylayout_file:s0
author	Alex Klyubin <klyubin@google.com>	2017-04-07 17:50:14 -0700
committer	Cosme Domínguez Díaz <cosme.ddiaz@gmail.com>	2018-03-23 22:45:33 +0100
commit	e44dd6e62ca4c28d81a195f59eec1e1c3543c4ec (patch)
tree	00fe55ded6b889a5ff5ff77af757bd46b3738c5e /sepolicy/file_contexts
parent	9c54344745a9d4570f58098aeb8aff6e9bbb6460 (diff)