summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRuslan Trofymenko2018-10-31 01:10:47 -0500
committerPraneeth Bajjuri2018-10-30 22:14:12 -0500
commit6874fb4f7d785b386497777bdf306955e1047d74 (patch)
tree30122ddd0b3d08a13c0cd14af61ad12e02e78de4
parent26468d71e65dc1c8f383586166218c99b372981c (diff)
downloaddevice-ti-am65xevm-6874fb4f7d785b386497777bdf306955e1047d74.tar.gz
device-ti-am65xevm-6874fb4f7d785b386497777bdf306955e1047d74.tar.xz
device-ti-am65xevm-6874fb4f7d785b386497777bdf306955e1047d74.zip
am65xevm: sepolicy: Allow ueventd to insert modules
Allow ueventd daemon to load modules in response to modalias events. This patch makes dynamic kernel module loading work in 'enforcing' mode. Signed-off-by: Ruslan Trofymenko <ruslan.trofymenko@linaro.org> Signed-off-by: Praneeth Bajjuri <praneeth@ti.com>
-rw-r--r--sepolicy/ueventd.te4
1 files changed, 4 insertions, 0 deletions
diff --git a/sepolicy/ueventd.te b/sepolicy/ueventd.te
new file mode 100644
index 0000000..966db38
--- /dev/null
+++ b/sepolicy/ueventd.te
@@ -0,0 +1,4 @@
1allow ueventd self:capability {sys_module sys_nice};
2allow ueventd vendor_file:system module_load;
3allow ueventd kernel:key search;
4allow ueventd kernel:process setsched;