diff options
author | Biswajit Paul <biswajitpaul@codeaurora.org> | 2016-07-20 12:02:14 -0700 |
---|---|---|
committer | Dennis Cagle <d-cagle@codeaurora.org> | 2016-09-12 15:44:19 -0700 |
commit | 277acbba3c7adbb01364f738638a23b1b8674311 (patch) | |
tree | d50c753f79fd574cfcdc17c206c20b0d5b14a199 /common/surfaceflinger.te | |
parent | 17cde0630b9bbb849080895fe86fecac99b063ba (diff) | |
download | android_device_qcom_sepolicy-277acbba3c7adbb01364f738638a23b1b8674311.tar.gz android_device_qcom_sepolicy-277acbba3c7adbb01364f738638a23b1b8674311.tar.bz2 android_device_qcom_sepolicy-277acbba3c7adbb01364f738638a23b1b8674311.zip |
sepolicy: Restrict diag access available to domains
Current diag access is overly permissive. Restrict diag access
to a whilelist of all domains.
CRs-Fixed: 1052935
Change-Id: I7713f18a10508ef297e2742969dc5f9064cf9b50
Diffstat (limited to 'common/surfaceflinger.te')
-rw-r--r-- | common/surfaceflinger.te | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/common/surfaceflinger.te b/common/surfaceflinger.te index 9baa3a04..0a8ae6de 100644 --- a/common/surfaceflinger.te +++ b/common/surfaceflinger.te @@ -37,3 +37,7 @@ binder_call(surfaceflinger, mmi) #Allow access to cameraserver service allow surfaceflinger cameraserver_service:service_manager find; +#diag +userdebug_or_eng(` + diag_use(surfaceflinger) +') |