sepolicy: make init to have sys_module permission

This change fix follwoing error: avc: denied { sys_module } for pid=1 comm="init" capability=16 scontext=u:r:init:s0 tcontext=u:r:init:s0 tclass=capability permissive=0 and there is not /dev/graphics/fb0 file problem. Change-Id: Ifdea1d62c7f7581347382a6e96bfcea81b8b9baf Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>
author: Yongqin Liu <yongqin.liu@linaro.org> 2014-07-25 02:59:09 +0800
committer: Yongqin Liu <yongqin.liu@linaro.org> 2014-07-25 02:59:09 +0800
commit: aba2456d080430c306c26465580b04405ecd340b (patch)
tree: 1ab374f14a2c4bd8b68823a3350947c56550935c
parent: 8700f343e9514293180f75f2a34812f97df2ec2b (diff)
download: juno-aba2456d080430c306c26465580b04405ecd340b.tar.gz
2 files changed, 2 insertions, 0 deletions
diff --git a/BoardConfig.mk b/BoardConfig.mk
index af03de3..06aa78f 100644
--- a/BoardConfig.mk
+++ b/BoardConfig.mk
@@ -67,4 +67,5 @@ BOARD_SEPOLICY_UNION += \
 
 BOARD_SEPOLICY_DIRS += device/linaro/juno/sepolicy
 BOARD_SEPOLICY_UNION += \
+        init.te  \
         file_contexts
diff --git a/sepolicy/init.te b/sepolicy/init.te
new file mode 100644
index 0000000..74b1400
--- /dev/null
+++ b/sepolicy/init.te
@@ -0,0 +1 @@
+allow init self:capability sys_module;
author	Yongqin Liu <yongqin.liu@linaro.org>	2014-07-25 02:59:09 +0800
committer	Yongqin Liu <yongqin.liu@linaro.org>	2014-07-25 02:59:09 +0800
commit	aba2456d080430c306c26465580b04405ecd340b (patch)
tree	1ab374f14a2c4bd8b68823a3350947c56550935c
parent	8700f343e9514293180f75f2a34812f97df2ec2b (diff)
download	juno-aba2456d080430c306c26465580b04405ecd340b.tar.gz