diff options
| -rw-r--r-- | sepolicy/file_contexts | 2 | ||||
| -rw-r--r-- | sepolicy/sepolicy.mk | 3 | ||||
| -rw-r--r-- | sepolicy/ueventd.te | 5 |
3 files changed, 8 insertions, 2 deletions
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index 65e21c9a..78b3ee18 100644 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -3,6 +3,6 @@ ############################# # performance-related sysfs files (CM) /sys/kernel/mm/ksm(/.*)? -- u:object_r:sysfs_writable:s0 -/sys/devices/system/cpu.*/cpufreq(/.*)? -- u:object_r:sysfs_writable:s0 +/sys/devices/system/cpu.*/cpufreq(/.*)? -- u:object_r:sysfs_devices_system_cpu:s0 /sys/block/mmcblk0/queue/scheduler -- u:object_r:sysfs_writable:s0 diff --git a/sepolicy/sepolicy.mk b/sepolicy/sepolicy.mk index 16a0e796..0508bf63 100644 --- a/sepolicy/sepolicy.mk +++ b/sepolicy/sepolicy.mk @@ -11,7 +11,8 @@ BOARD_SEPOLICY_UNION += \ file_contexts \ fs_use \ genfs_contexts \ - installd.te \ seapp_contexts \ + installd.te \ + ueventd.te \ vold.te \ mac_permissions.xml diff --git a/sepolicy/ueventd.te b/sepolicy/ueventd.te new file mode 100644 index 00000000..52e19484 --- /dev/null +++ b/sepolicy/ueventd.te @@ -0,0 +1,5 @@ +# ueventd needs to relabel files that pop in and out of sysfs +allow ueventd sysfs:file relabelfrom; + +# ueventd will set permissions on cpufreq nodes +allow ueventd sysfs_devices_system_cpu:file setattr; |