diff options
| author | Chang-An Chen <chang-an.chen@mediatek.com> | 2020-01-13 09:27:21 +0800 |
|---|---|---|
| committer | Gerrit Code Review <gerrit@mediatek.com> | 2020-01-13 09:27:21 +0800 |
| commit | 7ac1886793c555e690f8b20c9146a248a064ca74 (patch) | |
| tree | 6768f996d9ff9eff1382dd225bd8eb632fb1a676 | |
| parent | 4efc2b137c71b2b200e58bfa45c842290929caa4 (diff) | |
| parent | bfb3be5049a1216d5363f99c8bedc77158125f06 (diff) | |
| download | device_mediatek_wembley-sepolicy-7ac1886793c555e690f8b20c9146a248a064ca74.tar.gz device_mediatek_wembley-sepolicy-7ac1886793c555e690f8b20c9146a248a064ca74.tar.bz2 device_mediatek_wembley-sepolicy-7ac1886793c555e690f8b20c9146a248a064ca74.zip | |
Merge "[ALPS04961200] recovery: replace sysfs_mmcblk selinux label with sysfs_mmcblk_block" into alps-trunk-r0.basic
| -rw-r--r-- | non_plat/atcid.te | 4 | ||||
| -rw-r--r-- | non_plat/ccci_fsd.te | 4 | ||||
| -rw-r--r-- | non_plat/factory.te | 4 | ||||
| -rw-r--r-- | non_plat/genfs_contexts | 12 | ||||
| -rw-r--r-- | non_plat/mtk_hal_power.te | 4 | ||||
| -rw-r--r-- | non_plat/recovery.te | 6 |
6 files changed, 17 insertions, 17 deletions
diff --git a/non_plat/atcid.te b/non_plat/atcid.te index 12ea05c..9503a4f 100644 --- a/non_plat/atcid.te +++ b/non_plat/atcid.te @@ -63,8 +63,8 @@ allow atcid nvdata_file:file { open read write create getattr setattr }; allow atcid nvram_device:blk_file { open read write }; allow atcid proc_meminfo:file { open read }; allow atcid sysfs_batteryinfo:dir search; -allow atcid sysfs_mmcblk:dir search; -allow atcid sysfs_mmcblk:file { read open }; +allow atcid sysfs_devices_block:dir search; +allow atcid sysfs_devices_block:file { read open }; # Date : WK18.35 # Purpose: Add socket for TelephonyWare ATCI diff --git a/non_plat/ccci_fsd.te b/non_plat/ccci_fsd.te index 1adab51..a3cf5eb 100644 --- a/non_plat/ccci_fsd.te +++ b/non_plat/ccci_fsd.te @@ -64,5 +64,5 @@ allow ccci_fsd proc_lk_env:file rw_file_perms; #============= ccci_fsd MD Low Power Monitor Related ============== allow ccci_fsd ccci_data_md1_file:dir create_dir_perms; allow ccci_fsd ccci_data_md1_file:file create_file_perms; -allow ccci_fsd sysfs_mmcblk:dir search; -allow ccci_fsd sysfs_mmcblk:file { read getattr open }; +allow ccci_fsd sysfs_devices_block:dir search; +allow ccci_fsd sysfs_devices_block:file { read getattr open }; diff --git a/non_plat/factory.te b/non_plat/factory.te index 065e5a8..e788f8b 100644 --- a/non_plat/factory.te +++ b/non_plat/factory.te @@ -370,8 +370,8 @@ allow factory vendor_data_file:file { create read write open }; # Date : WK18.31 # Operation: P migration # Purpose : Refine policy -allow factory sysfs_mmcblk:dir { search }; -allow factory sysfs_mmcblk:file { read getattr open }; +allow factory sysfs_devices_block:dir { search }; +allow factory sysfs_devices_block:file { read getattr open }; # Date : WK18.37 # Operation: P migration diff --git a/non_plat/genfs_contexts b/non_plat/genfs_contexts index bcc6d94..86453af 100644 --- a/non_plat/genfs_contexts +++ b/non_plat/genfs_contexts @@ -155,12 +155,12 @@ genfscon sysfs /devices/platform/battery/disable_nafg u:object_r:sysfs_dis_nafg: # Date : 2019/07/03 # Purpose: SIU update mmcblk access -genfscon sysfs /devices/platform/bootdevice/mmc_host/mmc0/mmc0:0001/block/mmcblk0 u:object_r:sysfs_mmcblk:s0 -genfscon sysfs /devices/bootdevice/mmc_host/mmc0/mmc0:0001/block/mmcblk0 u:object_r:sysfs_mmcblk:s0 -#genfscon sysfs /devices/platform/mtk-msdc.0/11230000.msdc0/mmc_host/mmc0/mmc0:0001/block/mmcblk0 u:object_r:sysfs_mmcblk:s0 -genfscon sysfs /devices/platform/bootdevice/host0/target0:0:0/0:0:0:0/block/sda u:object_r:sysfs_mmcblk:s0 -genfscon sysfs /devices/platform/bootdevice/host0/target0:0:0/0:0:0:1/block/sdb u:object_r:sysfs_mmcblk:s0 -genfscon sysfs /devices/platform/bootdevice/host0/target0:0:0/0:0:0:2/block/sdc u:object_r:sysfs_mmcblk:s0 +genfscon sysfs /devices/platform/bootdevice/mmc_host/mmc0/mmc0:0001/block/mmcblk0 u:object_r:sysfs_devices_block:s0 +genfscon sysfs /devices/mtk-msdc.0/11230000.msdc0/mmc_host/mmc0/mmc0:0001/block/mmcblk0 u:object_r:sysfs_devices_block:s0 +genfscon sysfs /devices/platform/mtk-msdc.0/11230000.msdc0/mmc_host/mmc0/mmc0:0001/block/mmcblk0 u:object_r:sysfs_devices_block:s0 +genfscon sysfs /devices/platform/bootdevice/host0/target0:0:0/0:0:0:0/block/sda u:object_r:sysfs_devices_block:s0 +genfscon sysfs /devices/platform/bootdevice/host0/target0:0:0/0:0:0:1/block/sdb u:object_r:sysfs_devices_block:s0 +genfscon sysfs /devices/platform/bootdevice/host0/target0:0:0/0:0:0:2/block/sdc u:object_r:sysfs_devices_block:s0 # Date : 2019/07/12 # Purpose:dumpstate mmcblk1 access diff --git a/non_plat/mtk_hal_power.te b/non_plat/mtk_hal_power.te index 9689a14..d6de04d 100644 --- a/non_plat/mtk_hal_power.te +++ b/non_plat/mtk_hal_power.te @@ -118,8 +118,8 @@ allow mtk_hal_power rild:unix_stream_socket connectto; # Purpose : Allow powerHAL to access block read ahead allow mtk_hal_power sysfs_dm:dir r_dir_perms; allow mtk_hal_power sysfs_dm:file rw_file_perms; -allow mtk_hal_power sysfs_mmcblk:dir r_dir_perms; -allow mtk_hal_power sysfs_mmcblk:file rw_file_perms; +allow mtk_hal_power sysfs_devices_block:dir r_dir_perms; +allow mtk_hal_power sysfs_devices_block:file rw_file_perms; allow mtk_hal_power debugfs_eara_thermal:dir search; allow mtk_hal_power debugfs_eara_thermal:file { getattr open write read }; diff --git a/non_plat/recovery.te b/non_plat/recovery.te index a130f89..4d807ec 100644 --- a/non_plat/recovery.te +++ b/non_plat/recovery.te @@ -16,9 +16,9 @@ allow recovery self:capability sys_resource; allow recovery misc_sd_device:chr_file rw_file_perms; allow recovery vfat:dir r_dir_perms; allow recovery vfat:file r_file_perms; -allow recovery sysfs_mmcblk:dir r_dir_perms; -allow recovery sysfs_mmcblk:file rw_file_perms; -allow recovery sysfs_mmcblk:lnk_file r_file_perms; +allow recovery sysfs_devices_block:dir r_dir_perms; +allow recovery sysfs_devices_block:file rw_file_perms; +allow recovery sysfs_devices_block:lnk_file r_file_perms; # Date : WK18.25 # Operation : UT |