diff options
| author | Ziyan <jaraidaniel@gmail.com> | 2016-03-04 03:48:25 +0100 |
|---|---|---|
| committer | Andreas Blaesius <skate4life@gmx.de> | 2016-03-29 19:44:18 +0200 |
| commit | 491824c82435b9e22aa95da3e8a554956e3d74b6 (patch) | |
| tree | cf3ba3fadbdc8e8689c7af77a64c73e804b44a0c /sepolicy | |
| parent | d7911aa4d4f13863ae26e6d8f485cf0e106e3167 (diff) | |
| download | device_samsung_espressowifi-491824c82435b9e22aa95da3e8a554956e3d74b6.tar.gz device_samsung_espressowifi-491824c82435b9e22aa95da3e8a554956e3d74b6.tar.bz2 device_samsung_espressowifi-491824c82435b9e22aa95da3e8a554956e3d74b6.zip | |
libsensors: fix selinux denials
Moved geomagneticd calibration data to /data/sensors to allow relabeling it.
Change-Id: Ibe596b5903aa309f862a568b9876e79acaff5d19
Diffstat (limited to 'sepolicy')
| -rw-r--r-- | sepolicy/file.te | 2 | ||||
| -rw-r--r-- | sepolicy/file_contexts | 2 | ||||
| -rw-r--r-- | sepolicy/geomagneticd.te | 17 | ||||
| -rw-r--r-- | sepolicy/orientationd.te | 6 |
4 files changed, 16 insertions, 11 deletions
diff --git a/sepolicy/file.te b/sepolicy/file.te index 62633e5..bb32694 100644 --- a/sepolicy/file.te +++ b/sepolicy/file.te @@ -1,3 +1,3 @@ # Filesystem types -type sensor_data_file, file_type, data_file_type; +type sensors_data_file, file_type, data_file_type; type firmware_ducati, file_type; diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index 8d9d1dd..2161cde 100644 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -14,7 +14,7 @@ /system/bin/gpsd u:object_r:gpsd_exec:s0 # Sensors -/data/system/yas*.cfg u:object_r:sensor_data_file:s0 +/data/sensors(/.*)? u:object_r:sensors_data_file:s0 /system/bin/geomagneticd u:object_r:geomagneticd_exec:s0 /system/bin/orientationd u:object_r:orientationd_exec:s0 diff --git a/sepolicy/geomagneticd.te b/sepolicy/geomagneticd.te index fe1dd42..ddfa01e 100644 --- a/sepolicy/geomagneticd.te +++ b/sepolicy/geomagneticd.te @@ -4,9 +4,14 @@ type geomagneticd_exec, exec_type, file_type; init_daemon_domain(geomagneticd) -allow geomagneticd input_device:chr_file { read open ioctl }; -allow geomagneticd input_device:dir { search read open }; -allow geomagneticd self:process { execmem }; -allow geomagneticd sensor_data_file:dir { write add_name remove_name create }; -allow geomagneticd sensor_data_file:file { create open read write getattr setattr rename }; -allow geomagneticd sysfs:file { write }; +# the sensor is an input device +allow geomagneticd input_device:chr_file rw_file_perms; +allow geomagneticd input_device:dir r_dir_perms; + +# store/read calibration data +allow geomagneticd sensors_data_file:dir w_dir_perms; +allow geomagneticd sensors_data_file:file create_file_perms; + +# read/write calibration offsets +# TODO: create own label +allow geomagneticd sysfs:file write; diff --git a/sepolicy/orientationd.te b/sepolicy/orientationd.te index 672c473..9db61a5 100644 --- a/sepolicy/orientationd.te +++ b/sepolicy/orientationd.te @@ -4,6 +4,6 @@ type orientationd_exec, exec_type, file_type; init_daemon_domain(orientationd) -allow orientationd input_device:chr_file { read write open ioctl }; -allow orientationd input_device:dir { search read open }; -allow orientationd self:process { execmem }; +# the sensor is an input device +allow orientationd input_device:chr_file rw_file_perms; +allow orientationd input_device:dir r_dir_perms; |