Commit ea014111 authored by Bernhard Thoben's avatar Bernhard Thoben
Browse files

Changed some more sepolicy properties

Change-Id: I018d7480b8e96e255d634594fbe336c12d12fcf8
parent 513b80cf
allow adbd secd_exec:file { getattr read };
allow adsprpcd secd_exec:file { getattr read };
allow apexd secd_exec:file { getattr read };
allow ashmemd secd_exec:file { getattr read };
allow audioserver tad_socket:sock_file write;
allow audioserver perfd:unix_stream_socket connectto;
allow audioserver socket_device:sock_file write;
allow audioserver secd_exec:file { getattr read };
allow bootanim secd_exec:file { getattr read };
allow bootstat secd_exec:file { getattr read };
......@@ -15,3 +15,4 @@ allow cameraserver init:unix_dgram_socket sendto;
allow cameraserver qcamerasvr:unix_dgram_socket sendto;
allow cameraserver qcamerasvr:unix_stream_socket connectto;
allow cameraserver secd:unix_stream_socket connectto;
allow cameraserver secd_exec:file { getattr read };
allow drmserver secd_exec:file { getattr read };
......@@ -22,3 +22,4 @@ allow flags_health_check test_boot_reason_prop:file { getattr open };
allow flags_health_check alarm_instance_prop:file { getattr open };
allow flags_health_check apexd_prop:file { getattr open };
allow flags_health_check bg_boot_complete_prop:file { getattr open };
allow flags_health_check secd_exec:file { getattr read };
allow fsck diag_partition_device:blk_file { read write };
allow fsck self:capability { dac_override dac_read_search };
allow fsck secd_exec:file { getattr read };
allow fsck tmpfs:blk_file getattr;
allow fsck persist_file:dir getattr;
allow gatekeeperd tee_prop:file { getattr open read };
allow gatekeeperd secd_exec:file { getattr read };
allow gpuservice secd_exec:file { getattr read };
allow hal_audio_default tad_socket:sock_file { create_file_perms write };
allow hal_audio_default secd_exec:file { getattr read };
allow hal_audio_default tad:unix_stream_socket connectto;
......@@ -4,3 +4,4 @@ allow hal_bluetooth_default system_data_file:file { open read };
allow hal_bluetooth_default firmware_file:dir search;
allow hal_bluetooth_default ta_data_file:dir search;
allow hal_bluetooth_default ta_data_file:file { open read };
allow hal_bluetooth_default secd_exec:file { getattr read };
allow hal_cas_default secd_exec:file { getattr read };
allow hal_configstore_default secd_exec:file { getattr read };
allow hal_drm_default secd_exec:file { getattr read };
allow hal_graphics_allocator_default sysfs_graphics:file { getattr open read };
allow hal_graphics_allocator_default secd_exec:file { getattr read };
allow hal_keymaster_qti secd_exec:file { getattr read };
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment