From 3e68a51fccc4cef78ffb19c0f4c5a907e13351e7 Mon Sep 17 00:00:00 2001 From: Davide Garberi Date: Wed, 10 Oct 2018 17:33:51 +0200 Subject: msm8996-common: sepolicy: Move neverallows to neverallows.te Change-Id: Ie067c2f0f6ec96edd110c79d143de36b20708b47 Signed-off-by: Davide Garberi --- sepolicy/charger.te | 3 --- sepolicy/init.te | 1 - sepolicy/neverallows.te | 6 ++++++ 3 files changed, 6 insertions(+), 4 deletions(-) (limited to 'sepolicy') diff --git a/sepolicy/charger.te b/sepolicy/charger.te index 02e345f..944a1c0 100644 --- a/sepolicy/charger.te +++ b/sepolicy/charger.te @@ -1,5 +1,2 @@ -allow charger mnt_vendor_file:dir create_dir_perms; -allow charger mnt_vendor_file:file create_file_perms; allow charger rtc_device:chr_file r_file_perms; -allow charger self:capability dac_override; allow charger sysfs_battery_supply:file read; diff --git a/sepolicy/init.te b/sepolicy/init.te index cf3120e..159809a 100644 --- a/sepolicy/init.te +++ b/sepolicy/init.te @@ -11,4 +11,3 @@ allow init sysfs_fingerprint:file { open read setattr write }; allow init sysfs:file setattr; allow init tee_device:chr_file write; allow init hidl_base_hwservice:hwservice_manager add; -allow init sysfs_scsi_devices_0000:file { open setattr write }; diff --git a/sepolicy/neverallows.te b/sepolicy/neverallows.te index 4cd7823..ddf1d48 100644 --- a/sepolicy/neverallows.te +++ b/sepolicy/neverallows.te @@ -1,3 +1,8 @@ +# Charger +allow charger mnt_vendor_file:dir create_dir_perms; +allow charger mnt_vendor_file:file create_file_perms; +allow charger self:capability dac_override; + # CND allow cnd default_android_hwservice:hwservice_manager add; @@ -10,6 +15,7 @@ allow ims default_android_hwservice:hwservice_manager find; # Init binder_call(init, system_server); allow init sysfs:file { open read write }; +allow init sysfs_scsi_devices_0000:file { open setattr write }; # Netmgrd allow netmgrd vendor_xlat_prop:property_service set; -- cgit v1.2.3