diff options
| author | Linux Build Service Account <lnxbuild@localhost> | 2016-11-18 00:27:11 -0800 |
|---|---|---|
| committer | Linux Build Service Account <lnxbuild@localhost> | 2016-11-18 00:27:11 -0800 |
| commit | bf609c183f88a6ae60281825c48077cca3975b1c (patch) | |
| tree | de52fdda64c4b9e3ae346e258d49c740759d8e79 | |
| parent | f275175442fac35b5bad1828abe35184fa321675 (diff) | |
| parent | 08a32bfe05f9119c7410f897179c641a377a6e2f (diff) | |
| download | android_device_qcom_sepolicy-bf609c183f88a6ae60281825c48077cca3975b1c.tar.gz android_device_qcom_sepolicy-bf609c183f88a6ae60281825c48077cca3975b1c.tar.bz2 android_device_qcom_sepolicy-bf609c183f88a6ae60281825c48077cca3975b1c.zip | |
Promotion of sepolicy.lnx.2.0-00047.
CRs Change ID Subject
--------------------------------------------------------------------------------------------------------------
1075747 I733445e21264a188c24bf501ebc13fc082fb2e31 sepolicy: msmcobalt: add missing line for VR service
1088226 I85e72ed412bc5d91634146b743d75face9bcedb0 Sepolicy:: Policies are added for nqnfcinfo daemon
1074975 I1c56f6c7e61de10999d15bb2abc80e337247588b wfd: Add access to gpu device for wfdservice
Change-Id: I9780c8cd5b61781d9fd7668b95880088afbadaf0
CRs-Fixed: 1088226, 1074975, 1075747
| -rw-r--r-- | common/file_contexts | 1 | ||||
| -rw-r--r-- | common/nqnfcinfo.te | 39 | ||||
| -rwxr-xr-x | common/property.te | 2 | ||||
| -rwxr-xr-x | common/property_contexts | 2 | ||||
| -rw-r--r-- | common/wfdservice.te | 3 | ||||
| -rw-r--r-- | msmcobalt/file_contexts | 1 |
6 files changed, 48 insertions, 0 deletions
diff --git a/common/file_contexts b/common/file_contexts index abfe3bcf..b24c4191 100644 --- a/common/file_contexts +++ b/common/file_contexts @@ -135,6 +135,7 @@ /system/bin/ATFWD-daemon u:object_r:atfwd_exec:s0 /system/bin/PktRspTest u:object_r:diag_exec:s0 /system/bin/audiod u:object_r:audiod_exec:s0 +/system/vendor/bin/nqnfcinfo u:object_r:nqnfcinfo_exec:s0 /system/bin/charger_monitor u:object_r:charger_monitor_exec:s0 /system/bin/hvdcp_opti u:object_r:hvdcp_exec:s0 /system/bin/cnd u:object_r:cnd_exec:s0 diff --git a/common/nqnfcinfo.te b/common/nqnfcinfo.te new file mode 100644 index 00000000..3efc94c3 --- /dev/null +++ b/common/nqnfcinfo.te @@ -0,0 +1,39 @@ +#Copyright (c) 2016, The Linux Foundation. All rights reserved. +# +#Redistribution and use in source and binary forms, with or without +#modification, are permitted provided that the following conditions are +#met: +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# * Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following +# disclaimer in the documentation and/or other materials provided +# with the distribution. +# * Neither the name of The Linux Foundation nor the names of its +# contributors may be used to endorse or promote products derived +# from this software without specific prior written permission. +# +#THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED +#WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +#MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT +#ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS +#BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +#CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +#SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR +#BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +#WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE +#OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN +#IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +type nqnfcinfo, domain; +type nqnfcinfo_exec, exec_type, file_type; + +# Started by init +init_daemon_domain(nqnfcinfo) + +r_dir_file(nqnfcinfo, sysfs_socinfo); + +set_prop(nqnfcinfo, nfc_nq_prop); + +# Access device nodes inside /dev/nq-nci +allow nqnfcinfo nfc_device:chr_file rw_file_perms; diff --git a/common/property.te b/common/property.te index 16b716a9..5ae8f71e 100755 --- a/common/property.te +++ b/common/property.te @@ -97,3 +97,5 @@ type hwui_prop, property_type, core_property_type; type graphics_vulkan_prop, property_type, core_property_type; #boot mode property type boot_mode_prop, property_type; +#properties for nfc +type nfc_nq_prop, property_type, core_property_type; diff --git a/common/property_contexts b/common/property_contexts index 78d90a32..5d457153 100755 --- a/common/property_contexts +++ b/common/property_contexts @@ -89,3 +89,5 @@ persist.graphics.vulkan.disable u:object_r:graphics_vulkan_prop:s0 sys.boot_mode u:object_r:boot_mode_prop:s0 # GPU ro.gpu.available_frequencies u:object_r:freq_prop:s0 +# NFC +sys.nfc.nq. u:object_r:nfc_nq_prop:s0 diff --git a/common/wfdservice.te b/common/wfdservice.te index 276e2e15..1514e055 100644 --- a/common/wfdservice.te +++ b/common/wfdservice.te @@ -39,6 +39,9 @@ allow wfdservice audio_device:dir r_dir_perms; #Allow access to /dev/graphics/fb* for screen capture allow wfdservice graphics_device:chr_file rw_file_perms; +#Allow access to encoder for YUV statistics +allow wfdservice gpu_device:chr_file rw_file_perms; + #Allow communication with init over property server unix_socket_connect(wfdservice, property, init); diff --git a/msmcobalt/file_contexts b/msmcobalt/file_contexts index 1f5a1116..ae7ea032 100644 --- a/msmcobalt/file_contexts +++ b/msmcobalt/file_contexts @@ -59,6 +59,7 @@ # System files # /system/bin/qvop-daemon u:object_r:qvop_exec:s0 +/system/vendor/bin/qvrservice u:object_r:qvrd_exec:s0 ################################### # data files |