From 76a47f64010d86cbd1c76f4c7c7c46a1acc2cd77 Mon Sep 17 00:00:00 2001
From: Vol Zhdanov <wight554@gmail.com>
Date: Mon, 17 Sep 2018 21:45:16 +0000
Subject: msm8996-common: sepolicy: mark vendor core_data violators

Change-Id: I9571f2a3cb82ea0de6ff4e76335ab9454ba66f3d
---
 sepolicy/hal_bluetooth_default.te   | 4 +++-
 sepolicy/hal_fingerprint_default.te | 1 +
 sepolicy/tee.te                     | 1 +
 sepolicy/thermal-engine.te          | 1 +
 4 files changed, 6 insertions(+), 1 deletion(-)

(limited to 'sepolicy')

diff --git a/sepolicy/hal_bluetooth_default.te b/sepolicy/hal_bluetooth_default.te
index cd5c85d..2ee676b 100644
--- a/sepolicy/hal_bluetooth_default.te
+++ b/sepolicy/hal_bluetooth_default.te
@@ -1,4 +1,6 @@
-allow hal_bluetooth_default bluetooth_data_file:dir ra_dir_perms;
+typeattribute hal_bluetooth_default data_between_core_and_vendor_violators;
+allow hal_bluetooth_default bluetooth_data_file:dir rw_dir_perms;
+
 allow hal_bluetooth_default bluetooth_data_file:file create_file_perms;
 
 allow hal_bluetooth_default wcnss_filter:unix_stream_socket connectto;
diff --git a/sepolicy/hal_fingerprint_default.te b/sepolicy/hal_fingerprint_default.te
index 6d1b757..fee691f 100644
--- a/sepolicy/hal_fingerprint_default.te
+++ b/sepolicy/hal_fingerprint_default.te
@@ -1,4 +1,5 @@
 typeattribute hal_fingerprint_default socket_between_core_and_vendor_violators;
+typeattribute hal_fingerprint_default data_between_core_and_vendor_violators;
 
 r_dir_file(hal_fingerprint_default, firmware_file)
 
diff --git a/sepolicy/tee.te b/sepolicy/tee.te
index c42d6a3..a207d65 100644
--- a/sepolicy/tee.te
+++ b/sepolicy/tee.te
@@ -1 +1,2 @@
+typeattribute tee data_between_core_and_vendor_violators;
 allow tee fingerprintd_data_file:file { open read };
diff --git a/sepolicy/thermal-engine.te b/sepolicy/thermal-engine.te
index a0d2651..59626eb 100644
--- a/sepolicy/thermal-engine.te
+++ b/sepolicy/thermal-engine.te
@@ -1,3 +1,4 @@
+typeattribute thermal-engine data_between_core_and_vendor_violators;
 allow thermal-engine sysfs_msm_subsys:dir search;
 
 allow thermal-engine sysfs_usb_supply:dir search;
-- 
cgit v1.2.3