diff options
| author | Cosme Domínguez Díaz <cosme.ddiaz@gmail.com> | 2018-10-08 21:09:57 +0200 |
|---|---|---|
| committer | Davide Garberi <dade.garberi@gmail.com> | 2018-10-07 15:23:12 +0200 |
| commit | 2b7c98d72b967c22f168ce29734cdef69f1173e6 (patch) | |
| tree | 5fb1d9f966dc06665a6fb0e0212f082ccf6e0b57 /sepolicy | |
| parent | 8c26155a613b94b3e0de7e48b3b79884680dd0cb (diff) | |
msm8996-common: sepolicy: Address time_daemon denials
avc: denied { write } for pid=673 comm="time_daemon" name="time" dev="sda10" ino=15159 scontext=u:r:time_daemon:s0 tcontext=u:object_r:time_data_file:s0 tclass=dir permissive=1
avc: denied { write } for pid=673 comm="time_daemon" name="time" dev="sda10" ino=15159 scontext=u:r:time_daemon:s0 tcontext=u:object_r:time_data_file:s0 tclass=dir permissive=1
avc: denied { add_name } for pid=673 comm="time_daemon" name="ats_15" scontext=u:r:time_daemon:s0 tcontext=u:object_r:time_data_file:s0 tclass=dir permissive=1
avc: denied { add_name } for pid=673 comm="time_daemon" name="ats_15" scontext=u:r:time_daemon:s0 tcontext=u:object_r:time_data_file:s0 tclass=dir permissive=1
avc: denied { create } for pid=673 comm="time_daemon" name="ats_15" scontext=u:r:time_daemon:s0 tcontext=u:object_r:time_data_file:s0 tclass=file permissive=1
avc: denied { create } for pid=673 comm="time_daemon" name="ats_15" scontext=u:r:time_daemon:s0 tcontext=u:object_r:time_data_file:s0 tclass=file permissive=1
avc: denied { write } for pid=673 comm="time_daemon" name="time" dev="sda10" ino=15159 scontext=u:r:time_daemon:s0 tcontext=u:object_r:time_data_file:s0 tclass=dir permissive=1
avc: denied { write } for pid=673 comm="time_daemon" name="time" dev="sda10" ino=15159 scontext=u:r:time_daemon:s0 tcontext=u:object_r:time_data_file:s0 tclass=dir permissive=1
avc: denied { add_name } for pid=673 comm="time_daemon" name="ats_2" scontext=u:r:time_daemon:s0 tcontext=u:object_r:time_data_file:s0 tclass=dir permissive=1
avc: denied { add_name } for pid=673 comm="time_daemon" name="ats_2" scontext=u:r:time_daemon:s0 tcontext=u:object_r:time_data_file:s0 tclass=dir permissive=1
avc: denied { create } for pid=673 comm="time_daemon" name="ats_2" scontext=u:r:time_daemon:s0 tcontext=u:object_r:time_data_file:s0 tclass=file permissive=1
avc: denied { create } for pid=673 comm="time_daemon" name="ats_2" scontext=u:r:time_daemon:s0 tcontext=u:object_r:time_data_file:s0 tclass=file permissive=1
Diffstat (limited to 'sepolicy')
| -rw-r--r-- | sepolicy/time_daemon.te | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sepolicy/time_daemon.te b/sepolicy/time_daemon.te index 3896a0a..d8a8394 100644 --- a/sepolicy/time_daemon.te +++ b/sepolicy/time_daemon.te @@ -1,5 +1,5 @@ allow time_daemon sysfs_msm_subsys:dir search; allow time_daemon sysfs_msm_subsys:file { getattr open read setattr }; allow time_daemon sysfs_soc:dir search; -allow time_daemon time_data_file:file { open read write }; -allow time_daemon time_data_file:dir search; +allow time_daemon time_data_file:file create_file_perms; +allow time_daemon time_data_file:dir rw_dir_perms; |