diff options
| author | Jeff Vander Stoep <jeffv@google.com> | 2019-01-25 13:19:52 -0800 |
|---|---|---|
| committer | Jeff Vander Stoep <jeffv@google.com> | 2019-01-25 13:19:52 -0800 |
| commit | f8f683a1caf4a0305ae13e9ed02a0a15e6a5768e (patch) | |
| tree | 05738b3b3b8bb30f46b4d44a97890133d395df32 | |
| parent | f136f6025936649125fe970e3202f2cf4160cc7f (diff) | |
| download | crosshatch-sepolicy-f8f683a1caf4a0305ae13e9ed02a0a15e6a5768e.tar.gz | |
Treble-ize tmpfs access
Declare *_tmpfs types for all vendor domains which need it.
Bug: 122854450
Test: Sepolicy-build tests.
Test: build crosshatch-userdebug
Change-Id: I5963f8166be06a06009cae3baeab37c6b72bcc59
| -rw-r--r-- | private/wfc_activation_app.te | 1 | ||||
| -rw-r--r-- | public/dataservice_app.te | 3 | ||||
| -rw-r--r-- | vendor/google/google_camera_app.te | 1 | ||||
| -rw-r--r-- | vendor/google/grilservice_app.te | 1 | ||||
| -rw-r--r-- | vendor/qcom/common/con_monitor.te | 1 | ||||
| -rw-r--r-- | vendor/qcom/common/easelservice_app.te | 1 | ||||
| -rw-r--r-- | vendor/qcom/common/factory_ota_app.te | 1 | ||||
| -rw-r--r-- | vendor/qcom/common/hardware_info_app.te | 1 | ||||
| -rw-r--r-- | vendor/qcom/common/logger_app.te | 1 | ||||
| -rw-r--r-- | vendor/qcom/common/modem_diagnostics.te | 1 | ||||
| -rw-r--r-- | vendor/qcom/common/qtelephony.te | 1 | ||||
| -rw-r--r-- | vendor/qcom/common/ramdump_app.te | 1 | ||||
| -rw-r--r-- | vendor/qcom/common/ril_config_service.te | 1 | ||||
| -rw-r--r-- | vendor/qcom/common/secure_ui_service_app.te | 1 | ||||
| -rw-r--r-- | vendor/qcom/common/ssr_detector.te | 1 | ||||
| -rw-r--r-- | vendor/qcom/common/tango_core.te | 1 | ||||
| -rw-r--r-- | vendor/qcom/common/timeservice_app.te | 1 | ||||
| -rw-r--r-- | vendor/verizon/obdm_app.te | 1 |
18 files changed, 19 insertions, 1 deletions
diff --git a/private/wfc_activation_app.te b/private/wfc_activation_app.te index cd32efc..9e2c9ef 100644 --- a/private/wfc_activation_app.te +++ b/private/wfc_activation_app.te @@ -1,4 +1,5 @@ type wfc_activation_app, domain, coredomain; +type wfc_activation_app_tmpfs, file_type; app_domain(wfc_activation_app) net_domain(wfc_activation_app) diff --git a/public/dataservice_app.te b/public/dataservice_app.te index 8c8d82f..9a31088 100644 --- a/public/dataservice_app.te +++ b/public/dataservice_app.te @@ -1 +1,2 @@ -type dataservice_app, domain;
\ No newline at end of file +type dataservice_app, domain; +type dataservice_app_tmpfs, file_type; diff --git a/vendor/google/google_camera_app.te b/vendor/google/google_camera_app.te index 6520084..a296a36 100644 --- a/vendor/google/google_camera_app.te +++ b/vendor/google/google_camera_app.te @@ -1,4 +1,5 @@ type google_camera_app, domain, coredomain; +type google_camera_app_tmpfs, file_type; app_domain(google_camera_app) net_domain(google_camera_app) diff --git a/vendor/google/grilservice_app.te b/vendor/google/grilservice_app.te index 729f29b..5354f39 100644 --- a/vendor/google/grilservice_app.te +++ b/vendor/google/grilservice_app.te @@ -1,4 +1,5 @@ type grilservice_app, domain; +type grilservice_app_tmpfs, file_type; app_domain(grilservice_app) diff --git a/vendor/qcom/common/con_monitor.te b/vendor/qcom/common/con_monitor.te index e08313d..86d2ccf 100644 --- a/vendor/qcom/common/con_monitor.te +++ b/vendor/qcom/common/con_monitor.te @@ -1,5 +1,6 @@ # ConnectivityMonitor app type con_monitor_app, domain; +type con_monitor_app_tmpfs, file_type; app_domain(con_monitor_app) diff --git a/vendor/qcom/common/easelservice_app.te b/vendor/qcom/common/easelservice_app.te index f18b223..58dda75 100644 --- a/vendor/qcom/common/easelservice_app.te +++ b/vendor/qcom/common/easelservice_app.te @@ -1,4 +1,5 @@ type easelservice_app, domain; +type easelservice_app_tmpfs, file_type; app_domain(easelservice_app) diff --git a/vendor/qcom/common/factory_ota_app.te b/vendor/qcom/common/factory_ota_app.te index b2d879d..49e0f19 100644 --- a/vendor/qcom/common/factory_ota_app.te +++ b/vendor/qcom/common/factory_ota_app.te @@ -1,4 +1,5 @@ type factory_ota_app, domain, coredomain; +type factory_ota_app_tmpfs, file_type; app_domain(factory_ota_app) net_domain(factory_ota_app) diff --git a/vendor/qcom/common/hardware_info_app.te b/vendor/qcom/common/hardware_info_app.te index 5c290fd..35e59c5 100644 --- a/vendor/qcom/common/hardware_info_app.te +++ b/vendor/qcom/common/hardware_info_app.te @@ -1,4 +1,5 @@ type hardware_info_app, domain; +type hardware_info_app_tmpfs, file_type; app_domain(hardware_info_app) diff --git a/vendor/qcom/common/logger_app.te b/vendor/qcom/common/logger_app.te index 79de7e5..6cdd95b 100644 --- a/vendor/qcom/common/logger_app.te +++ b/vendor/qcom/common/logger_app.te @@ -1,4 +1,5 @@ type logger_app, domain; +type logger_app_tmpfs, file_type; userdebug_or_eng(` app_domain(logger_app) diff --git a/vendor/qcom/common/modem_diagnostics.te b/vendor/qcom/common/modem_diagnostics.te index f6366cc..0268a2f 100644 --- a/vendor/qcom/common/modem_diagnostics.te +++ b/vendor/qcom/common/modem_diagnostics.te @@ -1,5 +1,6 @@ # ModemDiagnosticSystem app type modem_diagnostic_app, domain; +type modem_diagnostic_app_tmpfs, file_type; app_domain(modem_diagnostic_app) net_domain(modem_diagnostic_app) diff --git a/vendor/qcom/common/qtelephony.te b/vendor/qcom/common/qtelephony.te index e9a0073..b015043 100644 --- a/vendor/qcom/common/qtelephony.te +++ b/vendor/qcom/common/qtelephony.te @@ -1,5 +1,6 @@ # Qualcomm telephony apps, such as AtFwd and FastDormancy type qtelephony, domain; +type qtelephony_tmpfs, file_type; app_domain(qtelephony) diff --git a/vendor/qcom/common/ramdump_app.te b/vendor/qcom/common/ramdump_app.te index b511c3b..9db01af 100644 --- a/vendor/qcom/common/ramdump_app.te +++ b/vendor/qcom/common/ramdump_app.te @@ -1,4 +1,5 @@ type ramdump_app, domain; +type ramdump_app_tmpfs, file_type; userdebug_or_eng(` app_domain(ramdump_app) diff --git a/vendor/qcom/common/ril_config_service.te b/vendor/qcom/common/ril_config_service.te index 18660b3..5c67f56 100644 --- a/vendor/qcom/common/ril_config_service.te +++ b/vendor/qcom/common/ril_config_service.te @@ -1,4 +1,5 @@ type ril_config_service_app, domain; +type ril_config_service_app_tmpfs, file_type; app_domain(ril_config_service_app) allow ril_config_service_app app_api_service:service_manager find; diff --git a/vendor/qcom/common/secure_ui_service_app.te b/vendor/qcom/common/secure_ui_service_app.te index 2130553..fd6497a 100644 --- a/vendor/qcom/common/secure_ui_service_app.te +++ b/vendor/qcom/common/secure_ui_service_app.te @@ -1,4 +1,5 @@ type secure_ui_service_app, domain; +type secure_ui_service_app_tmpfs, file_type; app_domain(secure_ui_service_app); binder_use(secure_ui_service_app); diff --git a/vendor/qcom/common/ssr_detector.te b/vendor/qcom/common/ssr_detector.te index 0fd4cc7..d9b24b5 100644 --- a/vendor/qcom/common/ssr_detector.te +++ b/vendor/qcom/common/ssr_detector.te @@ -1,5 +1,6 @@ # SSRestartDetector app type ssr_detector_app, domain; +type ssr_detector_app_tmpfs, file_type; app_domain(ssr_detector_app) diff --git a/vendor/qcom/common/tango_core.te b/vendor/qcom/common/tango_core.te index 4a736eb..5deffe4 100644 --- a/vendor/qcom/common/tango_core.te +++ b/vendor/qcom/common/tango_core.te @@ -1,4 +1,5 @@ type tango_core, domain; +type tango_core_tmpfs, file_type; app_domain(tango_core) diff --git a/vendor/qcom/common/timeservice_app.te b/vendor/qcom/common/timeservice_app.te index c047793..3b0888b 100644 --- a/vendor/qcom/common/timeservice_app.te +++ b/vendor/qcom/common/timeservice_app.te @@ -1,4 +1,5 @@ type timeservice_app, domain; +type timeservice_app_tmpfs, file_type; app_domain(timeservice_app); allow timeservice_app app_api_service:service_manager find; diff --git a/vendor/verizon/obdm_app.te b/vendor/verizon/obdm_app.te index f24baad..04e7e57 100644 --- a/vendor/verizon/obdm_app.te +++ b/vendor/verizon/obdm_app.te @@ -1,4 +1,5 @@ type obdm_app, domain, coredomain; +type obdm_app_tmpfs, file_type; app_domain(obdm_app) net_domain(obdm_app) |