flo: sepolicy: Resolve last_kmsg denials
Change-Id: Ib6a00d0c14eb03f1e16b24471736a0b84371152c
This commit is contained in:
parent
d939b1911d
commit
65bdcd8c23
|
@ -8,6 +8,7 @@ type persist_camera_file, file_type;
|
|||
type persist_sensors_file, file_type;
|
||||
type persist_wifi_file, file_type;
|
||||
|
||||
type proc_last_kmsg, fs_type, proc_type;
|
||||
type sysfs_rmnet, fs_type, sysfs_type;
|
||||
type sysfs_soc, sysfs_type, fs_type;
|
||||
type sysfs_surfaceflinger, fs_type, sysfs_type;
|
||||
|
|
|
@ -1,3 +1,6 @@
|
|||
# proc labels
|
||||
genfscon proc /last_kmsg u:object_r:proc_last_kmsg:s0
|
||||
|
||||
# sysfs
|
||||
genfscon sysfs /class/android_usb/f_rmnet_smd_sdio/transport u:object_r:sysfs_rmnet:s0
|
||||
genfscon sysfs /devices/virtual/android_usb/android0/f_rmnet_smd_sdio/transport u:object_r:sysfs_rmnet:s0
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
allow init diag_device:chr_file unlink;
|
||||
allow init sysfs_mmc_host:file rw_file_perms;
|
||||
allow init sysfs:file { rw_file_perms setattr };
|
||||
allow init proc_last_kmsg:file { r_file_perms setattr };
|
||||
|
||||
# Symlink /sdcard to backing block
|
||||
allow init tmpfs:lnk_file create;
|
||||
|
|
|
@ -11,6 +11,7 @@ allow system_server sensors_socket:dir r_dir_perms;
|
|||
|
||||
allow system_server persist_file:dir r_dir_perms;
|
||||
allow system_server sensors_device:chr_file rw_file_perms;
|
||||
allow system_server proc_last_kmsg:file r_file_perms;
|
||||
|
||||
# mpdecision socket access
|
||||
unix_socket_connect(system_server, mpdecision, mpdecision)
|
||||
|
|
Loading…
Reference in New Issue