diff options
| author | Biswajit Paul <biswajitpaul@codeaurora.org> | 2014-10-13 14:36:16 -0700 |
|---|---|---|
| committer | Biswajit Paul <biswajitpaul@codeaurora.org> | 2014-10-13 16:18:54 -0700 |
| commit | 64f83f64d9f11be3fab80d350506dc2ec77d61c8 (patch) | |
| tree | e96acf1c0d4f2685db9a6e6010d5da378911617f /test | |
| parent | 87221564409a7d17a865032cd75ea54894e4b713 (diff) | |
| download | android_device_qcom_sepolicy-64f83f64d9f11be3fab80d350506dc2ec77d61c8.tar.gz android_device_qcom_sepolicy-64f83f64d9f11be3fab80d350506dc2ec77d61c8.tar.bz2 android_device_qcom_sepolicy-64f83f64d9f11be3fab80d350506dc2ec77d61c8.zip | |
SEAndroid: Add sepolicy for multimedia doamins
Add policy for denial seeen for various tests
Change-Id: I523fef4c87c3a3436546c95d7ac35254fa442d1a
Diffstat (limited to 'test')
| -rw-r--r-- | test/qmi_ping.te | 4 | ||||
| -rw-r--r-- | test/qmi_test_service.te | 4 |
2 files changed, 2 insertions, 6 deletions
diff --git a/test/qmi_ping.te b/test/qmi_ping.te index d2ec5988..c5808f14 100644 --- a/test/qmi_ping.te +++ b/test/qmi_ping.te @@ -12,14 +12,12 @@ userdebug_or_eng(` #to enable qmuxd interface apis to access diag allow qmi_ping diag_device:chr_file {read write open ioctl}; #enable accessing the path where qmuxds named sockets are present - allow qmi_ping qmux_radio_socket:dir {read write search add_name}; #to interface with qmuxd through unix sockets - allow qmi_ping qmux_radio_socket:sock_file {create read write setattr}; #to use socket interface to ipc router allow qmi_ping qmi_ping:socket {create bind read write ioctl setopt}; #enable running test as root user => privileged process #enable privileged processes to bypass permission checks allow qmi_ping qmi_ping:capability {dac_override dac_read_search setgid setuid fsetid}; #QCCI calls qmuxd API. The API will internally require this - allow qmi_ping qmuxd:unix_stream_socket {connectto}; + qmux_socket(qmi_ping); ') diff --git a/test/qmi_test_service.te b/test/qmi_test_service.te index 03650fb1..ed97c2ec 100644 --- a/test/qmi_test_service.te +++ b/test/qmi_test_service.te @@ -12,14 +12,12 @@ userdebug_or_eng(` #to enable qmuxd interface apis to access diag allow qmi_test_service diag_device:chr_file {read write open ioctl}; #enable accessing the path where qmuxds named sockets are present - allow qmi_test_service qmux_radio_socket:dir {read write search add_name}; #to interface with qmuxd through unix sockets - allow qmi_test_service qmux_radio_socket:sock_file {create read write setattr}; #to access ipc router socket allow qmi_test_service qmi_test_service:socket {create bind ioctl read write setopt}; #enable running test as root user => privileged process #enable privileged processes to bypass permission checks allow qmi_test_service qmi_test_service:capability {dac_override dac_read_search setgid setuid fsetid}; #QCCI calls qmuxd API. The API will internally require this - allow qmi_test_service qmuxd:unix_stream_socket {connectto}; + qmux_socket(qmi_test_service); ') |