summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVishal Mahaveer2017-10-24 17:25:53 -0500
committerPraneeth Bajjuri2017-10-24 17:27:04 -0500
commite85a467c73880934f9e28ba2e8e3f0c2f2aa4212 (patch)
tree51da2ae83d643cc0bd99584e1630468bab8e36fe
parentf392715c8e1decdff3e615b12a9370f7c59b4056 (diff)
downloaddevice-ti-am57xevm-e85a467c73880934f9e28ba2e8e3f0c2f2aa4212.tar.gz
device-ti-am57xevm-e85a467c73880934f9e28ba2e8e3f0c2f2aa4212.tar.xz
device-ti-am57xevm-e85a467c73880934f9e28ba2e8e3f0c2f2aa4212.zip
am57xevm: sepolicy: update for pvrsrvkm move to vendor partition
sepolicy update for recent move of pvr kernel module to vendor partition. This change fixes the below selinux warning [ 7.682370] type=1400 audit(7.679:4): avc: denied { module_load } for pid=187 comm="pvrsrvinit" path="/vendor/lib/modules/pvrsrvkm.ko" dev="mmcblk0p11" ino=160 scontext=u:r:pvr:s0 tcontext=u:object_r:vendor_file:s0 tclass=system permissive=1 based on http://review.omapzoom.org/#/c/38620 Signed-off-by: Vishal Mahaveer <vishalm@ti.com> [port to am57xevm project] Signed-off-by: Praneeth Bajjuri <praneeth@ti.com> Change-Id: I845a0eafc640572932c7c8ba3f14f6cdb8de3124
-rw-r--r--sepolicy/pvr.te2
1 files changed, 1 insertions, 1 deletions
diff --git a/sepolicy/pvr.te b/sepolicy/pvr.te
index 747ee36..820e734 100644
--- a/sepolicy/pvr.te
+++ b/sepolicy/pvr.te
@@ -9,7 +9,7 @@ allow pvr gpu_device:chr_file rw_file_perms;
9 9
10# allow graphics driver initialization 10# allow graphics driver initialization
11allow pvr self:capability sys_module; 11allow pvr self:capability sys_module;
12allow pvr system_file:system module_load; 12allow pvr vendor_file:system module_load;
13 13
14# allow reading /sys/devices/soc0/machine 14# allow reading /sys/devices/soc0/machine
15allow pvr sysfs:file { r_file_perms }; 15allow pvr sysfs:file { r_file_perms };