diff options
author | Vishal Mahaveer | 2017-08-22 22:16:23 -0500 |
---|---|---|
committer | Vishal Mahaveer | 2017-08-22 22:17:50 -0500 |
commit | e3d327b96202111f3031a82eab57e77108b1c026 (patch) | |
tree | f650c34279f144af87ff6a42d18ccf5b4f0b834b | |
parent | 8bd75893ebf010815645fa5b6ebb18148c7e3dca (diff) | |
download | device-ti-jacinto6evm-e3d327b96202111f3031a82eab57e77108b1c026.tar.gz device-ti-jacinto6evm-e3d327b96202111f3031a82eab57e77108b1c026.tar.xz device-ti-jacinto6evm-e3d327b96202111f3031a82eab57e77108b1c026.zip |
jacinto6evm: sepolicy: update rules failing build
Change-Id: I9d43bbab7fad82815fcb6d4dbb3cf0547ef37121
Signed-off-by: Vishal Mahaveer <vishalm@ti.com>
-rw-r--r-- | sepolicy/file_contexts | 4 | ||||
-rw-r--r-- | sepolicy/lad_dra7xx.te | 2 | ||||
-rw-r--r-- | sepolicy/mediaserver.te | 2 | ||||
-rw-r--r-- | sepolicy/ueventd.te | 2 | ||||
-rw-r--r-- | sepolicy/vis.te | 2 |
5 files changed, 6 insertions, 6 deletions
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index 8988df2..2a77ada 100644 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts | |||
@@ -1,7 +1,7 @@ | |||
1 | #Bluettoth tty device | 1 | #Bluettoth tty device |
2 | /dev/hci_tty u:object_r:bluetooth_control:s0 | 2 | /dev/hci_tty u:object_r:bluetooth_control:s0 |
3 | /dev/ttyS2 u:object_r:hci_attach_dev:s0 | 3 | #/dev/ttyS2 u:object_r:hci_attach_dev:s0 |
4 | /system/bin/uim-sysfs u:object_r:hci_attach_exec:s0 | 4 | #/system/bin/uim-sysfs u:object_r:hci_attach_exec:s0 |
5 | 5 | ||
6 | #Console | 6 | #Console |
7 | /dev/ttyS0 u:object_r:console_device:s0 | 7 | /dev/ttyS0 u:object_r:console_device:s0 |
diff --git a/sepolicy/lad_dra7xx.te b/sepolicy/lad_dra7xx.te index ff95009..3b31bf2 100644 --- a/sepolicy/lad_dra7xx.te +++ b/sepolicy/lad_dra7xx.te | |||
@@ -9,7 +9,7 @@ init_daemon_domain(lad_dra7xx) | |||
9 | allow lad_dra7xx devpts:chr_file {read write ioctl getattr }; | 9 | allow lad_dra7xx devpts:chr_file {read write ioctl getattr }; |
10 | allow lad_dra7xx lad_data_file:dir { create_dir_perms }; | 10 | allow lad_dra7xx lad_data_file:dir { create_dir_perms }; |
11 | allow lad_dra7xx lad_data_file:fifo_file { create_file_perms }; | 11 | allow lad_dra7xx lad_data_file:fifo_file { create_file_perms }; |
12 | allow lad_dra7xx self:socket { create_socket_perms }; | 12 | allow lad_dra7xx self:socket { create_socket_perms_no_ioctl }; |
13 | 13 | ||
14 | # Allow access to hwspinlock and uio device | 14 | # Allow access to hwspinlock and uio device |
15 | allow lad_dra7xx hwspinlock_dev:chr_file { rw_file_perms }; | 15 | allow lad_dra7xx hwspinlock_dev:chr_file { rw_file_perms }; |
diff --git a/sepolicy/mediaserver.te b/sepolicy/mediaserver.te index 9e69353..c8e811e 100644 --- a/sepolicy/mediaserver.te +++ b/sepolicy/mediaserver.te | |||
@@ -7,6 +7,6 @@ allow mediaserver device:dir { read open }; | |||
7 | allow mediaserver lad_data_file:fifo_file { create_file_perms }; | 7 | allow mediaserver lad_data_file:fifo_file { create_file_perms }; |
8 | allow mediaserver hwspinlock_dev:chr_file { rw_file_perms }; | 8 | allow mediaserver hwspinlock_dev:chr_file { rw_file_perms }; |
9 | allow mediaserver cmem_dev:chr_file { rw_file_perms }; | 9 | allow mediaserver cmem_dev:chr_file { rw_file_perms }; |
10 | allow mediaserver self:socket { create_socket_perms }; | 10 | allow mediaserver self:socket { create_socket_perms_no_ioctl }; |
11 | allow mediaserver self:tcp_socket { create_stream_socket_perms }; | 11 | allow mediaserver self:tcp_socket { create_stream_socket_perms }; |
12 | allow mediaserver ctl_default_prop:property_service set; | 12 | allow mediaserver ctl_default_prop:property_service set; |
diff --git a/sepolicy/ueventd.te b/sepolicy/ueventd.te index 690cf1e..2f54d8e 100644 --- a/sepolicy/ueventd.te +++ b/sepolicy/ueventd.te | |||
@@ -1,3 +1,3 @@ | |||
1 | #Rules for crda operations | 1 | #Rules for crda operations |
2 | allow ueventd self:netlink_generic_socket { create_socket_perms }; | 2 | allow ueventd self:netlink_generic_socket { create_socket_perms_no_ioctl }; |
3 | allow ueventd system_file:file { execute_no_trans }; | 3 | allow ueventd system_file:file { execute_no_trans }; |
diff --git a/sepolicy/vis.te b/sepolicy/vis.te index 7f1356c..101cf39 100644 --- a/sepolicy/vis.te +++ b/sepolicy/vis.te | |||
@@ -7,7 +7,7 @@ init_daemon_domain(vis) | |||
7 | # Allow access to IPC related resources | 7 | # Allow access to IPC related resources |
8 | allow vis devpts:chr_file { read write ioctl getattr }; | 8 | allow vis devpts:chr_file { read write ioctl getattr }; |
9 | allow vis fwmarkd_socket:sock_file write; | 9 | allow vis fwmarkd_socket:sock_file write; |
10 | allow vis self:socket { create_socket_perms }; | 10 | allow vis self:socket { create_socket_perms_no_ioctl }; |
11 | allow vis self:tcp_socket { create_stream_socket_perms }; | 11 | allow vis self:tcp_socket { create_stream_socket_perms }; |
12 | allow vis netd:unix_stream_socket connectto; | 12 | allow vis netd:unix_stream_socket connectto; |
13 | allow vis node:tcp_socket node_bind; | 13 | allow vis node:tcp_socket node_bind; |