diff options
| author | forkbomb <keepcalm444@gmail.com> | 2015-11-27 23:53:05 +1100 |
|---|---|---|
| committer | Simon Shields <keepcalm444@gmail.com> | 2015-12-11 10:57:35 +1100 |
| commit | 8d8ac23e55c865ce1d8f245f4ddea27792667688 (patch) | |
| tree | bf3ed5619df7484368b9db623e83b94847e7e942 /selinux/gpsd.te | |
| parent | 808d0b578511aac96a32101c3df523e6fed5b0d8 (diff) | |
| download | device_samsung_i9300-8d8ac23e55c865ce1d8f245f4ddea27792667688.zip device_samsung_i9300-8d8ac23e55c865ce1d8f245f4ddea27792667688.tar.gz device_samsung_i9300-8d8ac23e55c865ce1d8f245f4ddea27792667688.tar.bz2 | |
i9300: M sepolicy bringup
GPS fixes taken from grouper:
https://github.com/CyanogenMod/android_device_asus_grouper/commit/9651b24fb481bf0fc1db3b1d700033cf66eb067e
and
https://github.com/CyanogenMod/android_device_asus_grouper/commit/f5592571d581478622f0fc3f86fbbddf20cf89c7
Change-Id: I7ec658691c65c3b6c087ee41ba69f2cb37ade525
Diffstat (limited to 'selinux/gpsd.te')
| -rw-r--r-- | selinux/gpsd.te | 30 |
1 files changed, 21 insertions, 9 deletions
diff --git a/selinux/gpsd.te b/selinux/gpsd.te index 8eca21c..a65f3da 100644 --- a/selinux/gpsd.te +++ b/selinux/gpsd.te @@ -1,9 +1,21 @@ -allow gpsd self:process execmem; -allow gpsd rild:unix_stream_socket connectto; -allow gpsd system_data_file:fifo_file { create read write setattr open }; -allow gpsd servicemanager:binder call; -allow gpsd sysfs_wake_lock:file { read write open }; -allow gpsd system_data_file:file { read open }; -allow gpsd system_data_file:dir { read write setattr open add_name }; -allow gpsd system_server:binder call; -allow gpsd system_server:unix_stream_socket { read write }; +type glgps, domain; +type glgps_exec, exec_type, file_type; + +init_daemon_domain(glgps) + +allow glgps shell_exec:file { rx_file_perms entrypoint }; + +#for text relocs & execution +allow glgps system_file:file { execute_no_trans execmod }; +allow glgps gps_device:chr_file { getattr setattr }; +allow glgps gps_data_file:dir { search write add_name remove_name }; +allow glgps gps_data_file:file { create rw_file_perms }; +allow glgps gps_data_file:fifo_file { unlink create setattr getattr rw_file_perms }; + +allow glgps node:udp_socket { node_bind name_bind }; + +allow glgps sysfs:file { setattr write }; +allow glgps gps_device:chr_file { ioctl open read write }; +allow glgps glgps:udp_socket { create bind }; +allow glgps dnsproxyd_socket:sock_file write; +allow glgps netd:unix_stream_socket connectto; |