diff options
author | Stephen Smalley <sds@tycho.nsa.gov> | 2014-02-26 16:46:33 -0500 |
---|---|---|
committer | Nick Kralevich <nnk@google.com> | 2014-03-03 22:42:52 +0000 |
commit | 28afdd9234236d0b3c510f28255aa14625d11457 (patch) | |
tree | 2c80595a6b2ae64772dba1650c8945ad971049f3 /racoon.te | |
parent | 63b98b17e41b74a7595dc80e1958550cf6b887d1 (diff) | |
download | android_external_sepolicy-28afdd9234236d0b3c510f28255aa14625d11457.tar.gz android_external_sepolicy-28afdd9234236d0b3c510f28255aa14625d11457.tar.bz2 android_external_sepolicy-28afdd9234236d0b3c510f28255aa14625d11457.zip |
Deduplicate binder_call rules.
A number of binder_call rules are duplicated by other rules
written in terms of attributes/sets (e.g. appdomain, binderservicedomain).
Get rid of the duplicates.
Also use binder_use() in racoon.te rather than manually writing the
base rule for communicating with the servicemanager.
Change-Id: I5a459cc2154b1466bcde6eccef253dfcdcb44e0a
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Diffstat (limited to 'racoon.te')
-rw-r--r-- | racoon.te | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -8,7 +8,7 @@ typeattribute racoon mlstrustedsubject; net_domain(racoon) -binder_call(racoon, servicemanager) +binder_use(racoon) binder_call(racoon, keystore) allow racoon tun_device:chr_file r_file_perms; |