diff options
author | Cosme Domínguez Díaz <cosme.ddiaz@gmail.com> | 2018-05-12 17:53:54 +0200 |
---|---|---|
committer | Cosme Domínguez Díaz <cosme.ddiaz@gmail.com> | 2018-05-13 18:51:25 +0200 |
commit | 5539afd62b3826afae4746b606d28aaa0cbfc00c (patch) | |
tree | f55a9c4dc5ca3b420123aee5e120349a05f7f93f /sepolicy | |
parent | d604691a1953929ab19e85657a660d8e89342134 (diff) |
msm8996-common: sepolicy: Remove duplicated rules.
* And system_app and vold fixup.
Diffstat (limited to 'sepolicy')
-rw-r--r-- | sepolicy/hal_fingerprint_default.te | 5 | ||||
-rw-r--r-- | sepolicy/system_app.te | 5 | ||||
-rw-r--r-- | sepolicy/vold.te | 6 |
3 files changed, 11 insertions, 5 deletions
diff --git a/sepolicy/hal_fingerprint_default.te b/sepolicy/hal_fingerprint_default.te index 3a655b1..6d1b757 100644 --- a/sepolicy/hal_fingerprint_default.te +++ b/sepolicy/hal_fingerprint_default.te @@ -1,11 +1,12 @@ typeattribute hal_fingerprint_default socket_between_core_and_vendor_violators; r_dir_file(hal_fingerprint_default, firmware_file) -allow hal_fingerprint_default tee_device:chr_file ioctl; -allow hal_fingerprint_default fpc_data_file:dir rw_dir_perms; + allow hal_fingerprint_default sysfs_fingerprint:dir r_dir_perms; allow hal_fingerprint_default sysfs_fingerprint:file rw_file_perms; + allow hal_fingerprint_default tee_device:chr_file rw_file_perms; allow hal_fingerprint_default firmware_file:file r_file_perms; + allow hal_fingerprint_default fpc_data_file:dir create_dir_perms; allow hal_fingerprint_default fpc_data_file:sock_file { create setattr unlink }; diff --git a/sepolicy/system_app.te b/sepolicy/system_app.te index 56cb70d..fded46c 100644 --- a/sepolicy/system_app.te +++ b/sepolicy/system_app.te @@ -1,2 +1,7 @@ allow system_app sysfs_fingerprint:file rw_file_perms; allow system_app shell_prop:property_service set; + +binder_call(system_app, wificond); + +dontaudit system_app netd_service:service_manager find; +dontaudit system_app installd_service:service_manager find; diff --git a/sepolicy/vold.te b/sepolicy/vold.te index 4fda929..9df6017 100644 --- a/sepolicy/vold.te +++ b/sepolicy/vold.te @@ -1,3 +1,3 @@ -allow vold persist_file:dir r_file_perms; -allow vold proc_irq:dir r_dir_perms; -allow vold sysfs_scsi_devices_0000:file rw_file_perms; +allow vold persist_file:dir r_dir_perms; +dontaudit vold proc_irq:dir read; +allow vold sysfs_scsi_devices_0000:file w_file_perms; |