diff options
Diffstat (limited to 'common/rfs_access.te')
-rw-r--r-- | common/rfs_access.te | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/common/rfs_access.te b/common/rfs_access.te index 69c14e65..318fffc1 100644 --- a/common/rfs_access.te +++ b/common/rfs_access.te @@ -53,6 +53,7 @@ allow rfs_access self:capability { setuid setgid setpcap + net_bind_service net_raw }; @@ -62,6 +63,9 @@ allow rfs_access self:capability { allow rfs_access self:capability { dac_read_search chown dac_override }; +#For access to the kmsg device +allow rfs_access kmsg_device:chr_file w_file_perms; + #Prevent other domains from accessing RFS data files. neverallow { domain -rfs_access -kernel -recovery -init userdebug_or_eng(`-su') -qti_init_shell } rfs_file:dir create_dir_perms; neverallow { domain -rfs_access -kernel -recovery -init userdebug_or_eng(`-su') -qti_init_shell } rfs_file:file create_file_perms; |