diff options
author | Linux Build Service Account <lnxbuild@localhost> | 2015-08-10 15:14:49 -0700 |
---|---|---|
committer | Gerrit - the friendly Code Review server <code-review@localhost> | 2015-08-10 15:14:49 -0700 |
commit | 42077eb9957741bfe20daf23034b5845387797de (patch) | |
tree | 2326bdb85df5b416cb6bd7786412199139735117 | |
parent | a94c7b75e90208ffbcf1e575e196494e07978ea3 (diff) | |
parent | 736f68cb0c4e64712440c9700eeff25a49293256 (diff) | |
download | android_device_qcom_sepolicy-42077eb9957741bfe20daf23034b5845387797de.tar.gz android_device_qcom_sepolicy-42077eb9957741bfe20daf23034b5845387797de.tar.bz2 android_device_qcom_sepolicy-42077eb9957741bfe20daf23034b5845387797de.zip |
Merge "SEAndroid: Update rules for slim daemon"
-rw-r--r-- | common/file_contexts | 3 | ||||
-rw-r--r-- | common/location.te | 10 |
2 files changed, 8 insertions, 5 deletions
diff --git a/common/file_contexts b/common/file_contexts index 2cba3d71..6f84b78e 100644 --- a/common/file_contexts +++ b/common/file_contexts @@ -181,10 +181,9 @@ /system/bin/location-mq u:object_r:location_exec:s0 /system/bin/xtwifi-inet-agent u:object_r:location_exec:s0 /system/bin/xtwifi-client u:object_r:location_exec:s0 -/system/bin/gsiff_daemon u:object_r:location_exec:s0 /system/bin/garden_app u:object_r:location_exec:s0 /system/bin/gpsone_daemon u:object_r:location_exec:s0 -/system/vendor/bin/slim_ap_daemon u:object_r:location_exec:s0 +/system/vendor/bin/slim_daemon u:object_r:location_exec:s0 /system/bin/energy-awareness u:object_r:energyawareness_exec:s0 /system/vendor/bin/fidodaemon u:object_r:fidodaemon_exec:s0 /system/bin/dts_configurator u:object_r:dtsconfigurator_exec:s0 diff --git a/common/location.te b/common/location.te index 87b661d7..f52ddd95 100644 --- a/common/location.te +++ b/common/location.te @@ -18,7 +18,7 @@ allow location location_data_file:{ file fifo_file } create_file_perms; allow location location_data_file:sock_file write; allow location location_exec:file x_file_perms; allow location location_socket:sock_file create_file_perms; -allow location self:capability { setuid setgid net_admin }; +allow location self:capability { setuid setgid net_admin net_raw }; allow location self:{ socket netlink_socket @@ -26,10 +26,14 @@ allow location self:{ unix_socket_connect(location, sensors, sensors) allow location sensors_device:chr_file r_file_perms; -allow location sensors_socket:sock_file r_file_perms; +allow location sensors_socket:sock_file rw_file_perms; allow location shell_exec:file rx_file_perms; -allow location system_server:unix_stream_socket { read write }; +allow location system_server:unix_stream_socket { read write connectto}; + +# For interfacing with the device sensorservice +allow location sensorservice_service:service_manager find; + r_dir_file(location, rfs_shared_hlos_file) dontaudit location domain:dir r_dir_perms; |