Merge "SEAndroid: Update rules for slim daemon"

author: Linux Build Service Account <lnxbuild@localhost> 2015-08-10 15:14:49 -0700
committer: Gerrit - the friendly Code Review server <code-review@localhost> 2015-08-10 15:14:49 -0700
commit: 42077eb9957741bfe20daf23034b5845387797de (patch)
tree: 2326bdb85df5b416cb6bd7786412199139735117
parent: a94c7b75e90208ffbcf1e575e196494e07978ea3 (diff)
parent: 736f68cb0c4e64712440c9700eeff25a49293256 (diff)
download: android_device_qcom_sepolicy-42077eb9957741bfe20daf23034b5845387797de.tar.gz
android_device_qcom_sepolicy-42077eb9957741bfe20daf23034b5845387797de.tar.bz2
android_device_qcom_sepolicy-42077eb9957741bfe20daf23034b5845387797de.zip
2 files changed, 8 insertions, 5 deletions
diff --git a/common/file_contexts b/common/file_contexts
index 2cba3d71..6f84b78e 100644
--- a/common/file_contexts
+++ b/common/file_contexts
@@ -181,10 +181,9 @@
 /system/bin/location-mq                         u:object_r:location_exec:s0
 /system/bin/xtwifi-inet-agent                   u:object_r:location_exec:s0
 /system/bin/xtwifi-client                       u:object_r:location_exec:s0
-/system/bin/gsiff_daemon                        u:object_r:location_exec:s0
 /system/bin/garden_app                          u:object_r:location_exec:s0
 /system/bin/gpsone_daemon                       u:object_r:location_exec:s0
-/system/vendor/bin/slim_ap_daemon               u:object_r:location_exec:s0
+/system/vendor/bin/slim_daemon                  u:object_r:location_exec:s0
 /system/bin/energy-awareness                    u:object_r:energyawareness_exec:s0
 /system/vendor/bin/fidodaemon                   u:object_r:fidodaemon_exec:s0
 /system/bin/dts_configurator                    u:object_r:dtsconfigurator_exec:s0
diff --git a/common/location.te b/common/location.te
index 87b661d7..f52ddd95 100644
--- a/common/location.te
+++ b/common/location.te
@@ -18,7 +18,7 @@ allow location location_data_file:{ file fifo_file } create_file_perms;
 allow location location_data_file:sock_file write;
 allow location location_exec:file x_file_perms;
 allow location location_socket:sock_file create_file_perms;
-allow location self:capability { setuid setgid net_admin };
+allow location self:capability { setuid setgid net_admin net_raw };
 allow location self:{
     socket
     netlink_socket
@@ -26,10 +26,14 @@ allow location self:{
 
 unix_socket_connect(location, sensors, sensors)
 allow location sensors_device:chr_file r_file_perms;
-allow location sensors_socket:sock_file r_file_perms;
+allow location sensors_socket:sock_file rw_file_perms;
 allow location shell_exec:file rx_file_perms;
 
-allow location system_server:unix_stream_socket { read write };
+allow location system_server:unix_stream_socket { read write connectto};
+
+# For interfacing with the device sensorservice
+allow location sensorservice_service:service_manager find;
+
 r_dir_file(location, rfs_shared_hlos_file)
 
 dontaudit location domain:dir r_dir_perms;
author	Linux Build Service Account <lnxbuild@localhost>	2015-08-10 15:14:49 -0700
committer	Gerrit - the friendly Code Review server <code-review@localhost>	2015-08-10 15:14:49 -0700
commit	42077eb9957741bfe20daf23034b5845387797de (patch)
tree	2326bdb85df5b416cb6bd7786412199139735117
parent	a94c7b75e90208ffbcf1e575e196494e07978ea3 (diff)
parent	736f68cb0c4e64712440c9700eeff25a49293256 (diff)
download	android_device_qcom_sepolicy-42077eb9957741bfe20daf23034b5845387797de.tar.gz android_device_qcom_sepolicy-42077eb9957741bfe20daf23034b5845387797de.tar.bz2 android_device_qcom_sepolicy-42077eb9957741bfe20daf23034b5845387797de.zip