msm8996-common: sepolicy: Address some denials

Change-Id: Id7520ca339db83eeeb8b3e608a44809141e30df3 Signed-off-by: Davide Garberi <dade.garberi@gmail.com>
author: Davide Garberi <dade.garberi@gmail.com> 2018-09-24 15:16:54 +0200
committer: Davide Garberi <dade.garberi@gmail.com> 2018-09-25 15:22:21 +0200
commit: 0adb92fe3d6a96b622d7ca417ced50e33b9f727f (patch)
tree: 9463ef694d2eb11e0a83ec86ef589b1f6dbd2799 /sepolicy/init.te
parent: e2e5733b0b21ee1af9572bb9edd55fa64be56350 (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/sepolicy/init.te b/sepolicy/init.te
index 55f9fac..5d8c97e 100644
--- a/sepolicy/init.te
+++ b/sepolicy/init.te
@@ -1,12 +1,13 @@
+typeattribute init data_between_core_and_vendor_violators;
 allow init adsprpcd_file:filesystem { mount relabelfrom relabelto };
 allow init debugfs_ipc:dir relabelfrom;
 allow init debugfs_ipc:file relabelfrom;
 allow init proc_kernel_sched:file write;
-allow init sysfs_scsi_devices_0000:dir write;
+allow init proc:file { getattr open read setattr };
 allow init { ion_device tee_device }:chr_file ioctl;
 allow init hidl_base_hwservice:hwservice_manager add;
-allow init sysfs_fingerprint:file { open read write };
+allow init sysfs_fingerprint:file { open read setattr write };
+allow init sysfs:file setattr;
 allow init tee_device:chr_file write;
 allow init hidl_base_hwservice:hwservice_manager add;
-allow init sysfs_fingerprint:file { open read write };
 allow init system_server:binder call;
author	Davide Garberi <dade.garberi@gmail.com>	2018-09-24 15:16:54 +0200
committer	Davide Garberi <dade.garberi@gmail.com>	2018-09-25 15:22:21 +0200
commit	0adb92fe3d6a96b622d7ca417ced50e33b9f727f (patch)
tree	9463ef694d2eb11e0a83ec86ef589b1f6dbd2799 /sepolicy/init.te
parent	e2e5733b0b21ee1af9572bb9edd55fa64be56350 (diff)