summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorforkbomb <keepcalm444@gmail.com>2015-11-25 10:56:16 +1100
committerAbhisek Devkota <ciwrl@cyanogenmod.com>2015-11-24 16:40:09 -0800
commit0415be93fc71c0abef4b5ffa8f416fc72be40c97 (patch)
tree3dee8c93ba9f49fc1b1e3534b23e3f45e7bc9875
parent89139a1116a4eccd434317b708571bcfc2a23f6c (diff)
downloaddevice_samsung_i9300-0415be93fc71c0abef4b5ffa8f416fc72be40c97.zip
device_samsung_i9300-0415be93fc71c0abef4b5ffa8f416fc72be40c97.tar.gz
device_samsung_i9300-0415be93fc71c0abef4b5ffa8f416fc72be40c97.tar.bz2
[WIP] i9300: SELinux M bringup
currently you need to cherry-pick this: http://review.cyanogenmod.org/#/c/120540/ to boot. Change-Id: Ibf6f85db7235a5c09010bcedc57642f91f278d29
-rw-r--r--selinux/gpsd.te2
-rw-r--r--selinux/rild.te2
-rw-r--r--selinux/system_server.te2
3 files changed, 3 insertions, 3 deletions
diff --git a/selinux/gpsd.te b/selinux/gpsd.te
index d58665e..8eca21c 100644
--- a/selinux/gpsd.te
+++ b/selinux/gpsd.te
@@ -3,7 +3,7 @@ allow gpsd rild:unix_stream_socket connectto;
allow gpsd system_data_file:fifo_file { create read write setattr open };
allow gpsd servicemanager:binder call;
allow gpsd sysfs_wake_lock:file { read write open };
-allow gpsd system_data_file:file { create read write setattr open };
+allow gpsd system_data_file:file { read open };
allow gpsd system_data_file:dir { read write setattr open add_name };
allow gpsd system_server:binder call;
allow gpsd system_server:unix_stream_socket { read write };
diff --git a/selinux/rild.te b/selinux/rild.te
index 1df1a78..3339eaf 100644
--- a/selinux/rild.te
+++ b/selinux/rild.te
@@ -11,4 +11,4 @@ allow rild efs_block_device:blk_file rw_file_perms;
allow rild efs_file:file { read open write setattr };
allow rild efs_device_file:dir create_dir_perms;
-allow rild efs_device_file:file { setattr create rw_file_perms link_file_perms };
+allow rild efs_device_file:file { setattr create create_file_perms };
diff --git a/selinux/system_server.te b/selinux/system_server.te
index a6b65ce..28085f4 100644
--- a/selinux/system_server.te
+++ b/selinux/system_server.te
@@ -14,7 +14,7 @@ allow system_server uhid_device:chr_file { read ioctl write open };
# /efs/wifi/.mac.info
allow system_server wifi_data_file:file { read open };
-allow system_server default_prop:property_service set;
+#allow system_server default_prop:property_service set;
allow system_server gpsd:binder transfer;
type_transition system_server system_data_file:fifo_file gps_data_file ".gps.interface.pipe.to_jni";