Piteball
/
android_device_samsung_msm8976-common
mirror of https://github.com/team-infusion-developers/android_device_samsung_msm8976-common.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

msm8976-common: sepolicy: Add restricted permissions to vendor_init 

The core SEPolicy for vendor_init is being restricted to the proper
Treble restrictions.  Since this is a legacy device, it is tagged as a
data_between_core_and_vendor_violators and the needed permissions are
added to its device specific vendor_init.te

Bug: 62875318
Test: boot 8976 targets without audits
Change-Id: I13aaa2278e71092d740216d3978dc720afafe8ea
This commit is contained in:
Tom Cherry 2018-01-23 14:15:24 -08:00 committed by LuK1337
parent 0c5cb53a04
commit 7aa66e91ba
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
sepolicy/vendor_init.te Normal file
View File

@ -0,0 +1,8 @@
allow vendor_init {
camera_data_file
media_rw_data_file
system_data_file
time_data_file
wifi_data_file
wpa_socket
}:dir { create search getattr open read setattr ioctl write add_name remove_name rmdir relabelfrom };