From 56066c828c0a67c76eea50ad032e8fc68dfc1b24 Mon Sep 17 00:00:00 2001
From: Demon Singur <demonsingur@gmail.com>
Date: Tue, 18 Sep 2018 08:02:13 +0000
Subject: msm8996-common: sepolicy: solve vendor_init denials

Solves the following denials.

denied { search } for pid=546 comm="init" name="dpm" dev="sda17" ino=1204225 scontext=u:r:vendor_init:s0 tcontext=u:object_r:dpmd_data_file:s0 tclass=dir permissive=0
denied { search } for pid=546 comm="init" name="thermal" dev="sda17" ino=3325953 scontext=u:r:vendor_init:s0 tcontext=u:object_r:thermal_data_file:s0 tclass=dir permissive=0
denied { search } for pid=546 comm="init" name="thermal" dev="sda17" ino=3325953 scontext=u:r:vendor_init:s0 tcontext=u:object_r:thermal_data_file:s0 tclass=dir permissive=0
denied { setattr } for pid=546 comm="init" name="camera" dev="sda17" ino=3121215 scontext=u:r:vendor_init:s0 tcontext=u:object_r:camera_data_file:s0 tclass=dir permissive=0

Change-Id: I824f7c27c9f93630ba7b65252609777197e3a682
---
 sepolicy/vendor_init.te | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/sepolicy/vendor_init.te b/sepolicy/vendor_init.te
index e921f9c..f4404cf 100644
--- a/sepolicy/vendor_init.te
+++ b/sepolicy/vendor_init.te
@@ -1 +1,11 @@
+typeattribute vendor_init data_between_core_and_vendor_violators;
 allow vendor_init proc_kernel_sched:file write;
+
+allow vendor_init {
+    camera_data_file
+    cnd_data_file
+#   dpmd_data_file
+    fpc_data_file
+    thermal_data_file
+    tombstone_data_file
+}:dir create_dir_perms;
-- 
cgit v1.2.3