diff options
| author | Jason Lu <jasonbangbang@gmail.com> | 2016-02-20 15:42:11 -0600 |
|---|---|---|
| committer | rogersb11 <brettrogers11@gmail.com> | 2016-02-26 01:39:34 -0500 |
| commit | b3fde2dd7032bc838fc7ecc25499506b8f4413ee (patch) | |
| tree | 6dbe74b19fd075afef8458486375eb32e037742f /selinux/qmiproxy.te | |
| parent | 5a1f21fb748bf64035a2211621914dabdcbfd6f2 (diff) | |
| download | device_samsung_t0lte-b3fde2dd7032bc838fc7ecc25499506b8f4413ee.tar.gz device_samsung_t0lte-b3fde2dd7032bc838fc7ecc25499506b8f4413ee.tar.bz2 device_samsung_t0lte-b3fde2dd7032bc838fc7ecc25499506b8f4413ee.zip | |
t0lte: RIL SELinux Fixes
Relabel qmiproxy, at_distributor, smdexe, and diag_uart_log so init
won't get denied with system_file:file { execute_no_trans }. Clean
up rules so we don't have to set things to permissive. RIL is
working when SELinux is enforcing with this.
Change-Id: I174010d1546207037e1907d711e7f7c21871ee9e
Diffstat (limited to 'selinux/qmiproxy.te')
| -rw-r--r-- | selinux/qmiproxy.te | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/selinux/qmiproxy.te b/selinux/qmiproxy.te index 5845fcd..eb332c8 100644 --- a/selinux/qmiproxy.te +++ b/selinux/qmiproxy.te @@ -2,4 +2,16 @@ type qmiproxy, domain; type qmiproxy_exec, exec_type, file_type; net_domain(qmiproxy) -init_daemon_domain(qmiproxy)
\ No newline at end of file +init_daemon_domain(qmiproxy) + +allow qmiproxy log_device:chr_file { open write }; +allow qmiproxy log_device:dir { search }; + +allow qmiproxy qmuxd_socket:dir { search write add_name }; +allow qmiproxy qmuxd_socket:sock_file { create }; +allow qmiproxy property_socket:sock_file { open write }; +allow qmiproxy init:unix_stream_socket connectto; + +allow qmiproxy radio_prop:property_service { set }; + +allow qmiproxy system_file:file { execmod }; |