summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPraneeth Bajjuri2019-05-08 23:53:52 -0500
committerPraneeth Bajjuri2019-05-09 16:14:22 -0500
commit8d2b3a1112a6f010171a95e641dd0a1ab8191e06 (patch)
tree0cdfc4f5c8105e3fa883ea19700c6152ea296f8f
parente2702c7374e805f13f22a0a5884bbbb643482e4a (diff)
downloaddevice-ti-am65xevm-8d2b3a1112a6f010171a95e641dd0a1ab8191e06.tar.gz
device-ti-am65xevm-8d2b3a1112a6f010171a95e641dd0a1ab8191e06.tar.xz
device-ti-am65xevm-8d2b3a1112a6f010171a95e641dd0a1ab8191e06.zip
am65xevm: sepolicy: Add map permissions to vendor_config_files
picked from platform/system/sepolicy 'commit: 3ba03d61106f ("domain.te: Add map permissions to vendor_config_files")' For 4.14+ kernels, we need map permissions for vendor_config_files, for things like kernel loaded firmware blobs, etc. Also updated vendor_init accordingly Signed-off-by: Praneeth Bajjuri <praneeth@ti.com>
-rw-r--r--sepolicy/domain.te1
-rw-r--r--sepolicy/vendor_init.te1
2 files changed, 2 insertions, 0 deletions
diff --git a/sepolicy/domain.te b/sepolicy/domain.te
new file mode 100644
index 0000000..101fa04
--- /dev/null
+++ b/sepolicy/domain.te
@@ -0,0 +1 @@
allow domain vendor_configs_file:file { read open getattr map };
diff --git a/sepolicy/vendor_init.te b/sepolicy/vendor_init.te
new file mode 100644
index 0000000..d985185
--- /dev/null
+++ b/sepolicy/vendor_init.te
@@ -0,0 +1 @@
allow vendor_init file_contexts_file:file map;