diff options
| author | Linux Build Service Account <lnxbuild@localhost> | 2016-09-27 09:25:19 -0700 |
|---|---|---|
| committer | Linux Build Service Account <lnxbuild@localhost> | 2016-09-27 09:25:19 -0700 |
| commit | c78d473c6d64da48ca7bc508e46fe276acba9d3b (patch) | |
| tree | 0de4fcda32b94bb05d23e00387bb341adb7ebf05 | |
| parent | 323c7e2df313ca8788ce0970f89ce4c119e2fd2c (diff) | |
| parent | 0957aade1f9fa3359ad79009c139ca1ef00a7ecc (diff) | |
| download | android_device_qcom_sepolicy-c78d473c6d64da48ca7bc508e46fe276acba9d3b.tar.gz android_device_qcom_sepolicy-c78d473c6d64da48ca7bc508e46fe276acba9d3b.tar.bz2 android_device_qcom_sepolicy-c78d473c6d64da48ca7bc508e46fe276acba9d3b.zip | |
Promotion of sepolicy.lnx.2.0-00039.
CRs Change ID Subject
--------------------------------------------------------------------------------------------------------------
1036981 Ia0cfce4e3c00e4ad67c13a1a3f37e82e8435a2ab selinux: restorecon interactive sysfs files before use
1070511 1070968 Ic618467a6c219828041c3f47d7696dca47cf62f4 sepolicy: restore persist-time file
1067815 Sepolicy: Allow mediaserver to access media_settings_xml
Change-Id: Ifd64de7b52339c7a56de49f6d3e4b6567668146c
CRs-Fixed: 1067815, 1070968, 1070511, 1036981
| -rw-r--r-- | common/file_contexts | 1 | ||||
| -rw-r--r-- | common/init_shell.te | 3 | ||||
| -rw-r--r-- | msm8952/mediaserver.te | 3 | ||||
| -rw-r--r-- | msm8952/property.te | 2 |
4 files changed, 7 insertions, 2 deletions
diff --git a/common/file_contexts b/common/file_contexts index d27f2981..54d1c0e4 100644 --- a/common/file_contexts +++ b/common/file_contexts @@ -351,6 +351,7 @@ /persist/drm(/.*)? u:object_r:persist_drm_file:s0 /persist/sensors(/.*)? u:object_r:sensors_persist_file:s0 /persist/alarm(/.*)? u:object_r:persist_alarm_file:s0 +/persist/time(/.*)? u:object_r:persist_time_file:s0 /persist/data(/.*)? u:object_r:persist_drm_file:s0 /persist/data/tz(/.*)? u:object_r:persist_drm_file:s0 /persist/data/sfs(/.*)? u:object_r:persist_drm_file:s0 diff --git a/common/init_shell.te b/common/init_shell.te index ccd806c0..487caf05 100644 --- a/common/init_shell.te +++ b/common/init_shell.te @@ -116,7 +116,8 @@ allow qti_init_shell { r_dir_file(qti_init_shell, sysfs_thermal) allow qti_init_shell sysfs_socinfo:file write; - +allow qti_init_shell sysfs:{ dir file lnk_file } relabelfrom; +allow qti_init_shell sysfs_devices_system_cpu: { dir file lnk_file } relabelto; # Check if /dev/sensors or /dev/msm_dsps present allow qti_init_shell sensors_data_file:dir r_dir_perms; allow qti_init_shell sensors_device:chr_file r_file_perms; diff --git a/msm8952/mediaserver.te b/msm8952/mediaserver.te index 0f88a051..5bd54323 100644 --- a/msm8952/mediaserver.te +++ b/msm8952/mediaserver.te @@ -27,3 +27,6 @@ # allow mediaserver to access media.msm8956hw allow mediaserver media_msm8956hw_prop:file r_file_perms; +allow mediaserver media_settings_xml_prop:file r_file_perms; +allow mediaserver seempd:unix_dgram_socket sendto; +allow mediaserver seempdw_socket:sock_file write; diff --git a/msm8952/property.te b/msm8952/property.te index 9b93f862..2cfa17e8 100644 --- a/msm8952/property.te +++ b/msm8952/property.te @@ -27,5 +27,5 @@ #properites for init.qcom.sh script type media_msm8956hw_prop, property_type; -type media_settings_xml_prop, property_type; +type media_settings_xml_prop, property_type, core_property_type; type media_msm8956_version_prop, property_type; |