Address SELinux denials with rild.
Allow r/w access to /dev/diag on userdebug/eng builds. avc: denied { read write } for pid=204 comm="rild" name="diag" dev="tmpfs" ino=8404 scontext=u:r:rild:s0 tcontext=u:object_r:diag_device:s0 tclass=chr_file avc: denied { open } for pid=204 comm="rild" name="diag" dev="tmpfs" ino=8404 scontext=u:r:rild:s0 tcontext=u:object_r:diag_device:s0 tclass=chr_file Grant radio sockets access to rild. avc: denied { write } for pid=323 comm="rild" name="qmux_radio" dev="tmpfs" ino=1053 scontext=u:r:rild:s0 tcontext=u:object_r:qmuxd_socket:s0 tclass=dir avc: denied { write } for pid=323 comm="rild" name="qmux_connect_socket" dev="tmpfs" ino=1309 scontext=u:r:rild:s0 tcontext=u:object_r:qmuxd_socket:s0 tclass=sock_file avc: denied { connectto } for pid=323 comm="rild" path="/dev/socket/qmux_radio/qmux_connect_socket" scontext=u:r:rild:s0 tcontext=u:r:qmux:s0 tclass=unix_stream_socket Change-Id: I89f7531fb006bfcae9f97b979fba61f3ed6badde Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
This commit is contained in:
parent
af7988ac35
commit
62d77eeceb
|
@ -122,6 +122,7 @@ BOARD_SEPOLICY_UNION += \
|
|||
netmgrd.te \
|
||||
ppd.te \
|
||||
qmux.te \
|
||||
rild.te \
|
||||
rmt.te \
|
||||
sensors.te \
|
||||
surfaceflinger.te \
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
userdebug_or_eng(`
|
||||
allow rild diag_device:chr_file rw_file_perms;
|
||||
')
|
||||
|
||||
qmux_socket(rild)
|
Loading…
Reference in New Issue