diff options
| author | Tri Vo <trong@google.com> | 2018-01-16 16:34:31 -0800 |
|---|---|---|
| committer | Tri Vo <trong@google.com> | 2018-01-16 17:20:56 -0800 |
| commit | f82d177d9e5435338ad2efc4e79051e159f4f638 (patch) | |
| tree | b4f82dd11f4080243e825d65af23b564606f37eb | |
| parent | 3a5042de4ddf6425e683c99bbe051fe5d6c6dfeb (diff) | |
| download | bullhead-f82d177d9e5435338ad2efc4e79051e159f4f638.tar.gz | |
Mark /vendor files as vendor_file_type.
The following files and correspoding selinux types need vendor_file_type
attribute:
/vendor/bin/mm-qcamera-daemon u:object_r:camera_exec:s0
/vendor/bin/hw/android.hardware.dumpstate@1.0-service.bullhead u:object_r:hal_dumpstate_impl_exec:s0
/vendor/bin/slim_daemon u:object_r:location_exec:s0
/vendor/bin/nanoapp_cmd u:object_r:nanoapp_cmd_exec:s0
/vendor/bin/qti u:object_r:qti_exec:s0
/vendor/bin/sensortool.bullhead u:object_r:sensortool_exec:s0
/vendor/bin/wcnss_filter u:object_r:start_hci_filter_exec:s0
Test: build bullhead sepolicy
Change-Id: I98a0eb0199a02ca8422b8e1fb2e00f89e0098966
| -rw-r--r-- | sepolicy/camera.te | 2 | ||||
| -rw-r--r-- | sepolicy/hal_dumpstate_impl.te | 2 | ||||
| -rw-r--r-- | sepolicy/location.te | 2 | ||||
| -rw-r--r-- | sepolicy/nanoapp_cmd.te | 2 | ||||
| -rw-r--r-- | sepolicy/qti.te | 2 | ||||
| -rw-r--r-- | sepolicy/sensortool.te | 2 | ||||
| -rw-r--r-- | sepolicy/start_hci_filter.te | 2 |
7 files changed, 7 insertions, 7 deletions
diff --git a/sepolicy/camera.te b/sepolicy/camera.te index 29d99dc..d1ecd39 100644 --- a/sepolicy/camera.te +++ b/sepolicy/camera.te @@ -1,6 +1,6 @@ # Qualcomm MSM camera type camera, domain, device_domain_deprecated; -type camera_exec, exec_type, file_type; +type camera_exec, exec_type, vendor_file_type, file_type; init_daemon_domain(camera) diff --git a/sepolicy/hal_dumpstate_impl.te b/sepolicy/hal_dumpstate_impl.te index ae30c7b..9d80587 100644 --- a/sepolicy/hal_dumpstate_impl.te +++ b/sepolicy/hal_dumpstate_impl.te @@ -1,7 +1,7 @@ type hal_dumpstate_impl, domain; hal_server_domain(hal_dumpstate_impl, hal_dumpstate) -type hal_dumpstate_impl_exec, exec_type, file_type; +type hal_dumpstate_impl_exec, exec_type, vendor_file_type, file_type; init_daemon_domain(hal_dumpstate_impl) # Execute dump scripts diff --git a/sepolicy/location.te b/sepolicy/location.te index 210a03c..76a95a1 100644 --- a/sepolicy/location.te +++ b/sepolicy/location.te @@ -1,6 +1,6 @@ # loc_launcher service type location, domain, device_domain_deprecated; -type location_exec, exec_type, file_type; +type location_exec, exec_type, vendor_file_type, file_type; init_daemon_domain(location) diff --git a/sepolicy/nanoapp_cmd.te b/sepolicy/nanoapp_cmd.te index 9bb2b12..c4f5b3e 100644 --- a/sepolicy/nanoapp_cmd.te +++ b/sepolicy/nanoapp_cmd.te @@ -1,5 +1,5 @@ type nanoapp_cmd, domain; -type nanoapp_cmd_exec, exec_type, file_type; +type nanoapp_cmd_exec, exec_type, vendor_file_type, file_type; init_daemon_domain(nanoapp_cmd) diff --git a/sepolicy/qti.te b/sepolicy/qti.te index 123d504..9296612 100644 --- a/sepolicy/qti.te +++ b/sepolicy/qti.te @@ -1,6 +1,6 @@ # Policy for qti type qti, domain, device_domain_deprecated; -type qti_exec, exec_type, file_type; +type qti_exec, exec_type, vendor_file_type, file_type; # Started by init init_daemon_domain(qti) diff --git a/sepolicy/sensortool.te b/sepolicy/sensortool.te index 4bdb9e2..f78af45 100644 --- a/sepolicy/sensortool.te +++ b/sepolicy/sensortool.te @@ -1,5 +1,5 @@ type sensortool, domain, device_domain_deprecated; -type sensortool_exec, exec_type, file_type; +type sensortool_exec, exec_type, vendor_file_type, file_type; init_daemon_domain(sensortool) diff --git a/sepolicy/start_hci_filter.te b/sepolicy/start_hci_filter.te index c2d7355..0579b3f 100644 --- a/sepolicy/start_hci_filter.te +++ b/sepolicy/start_hci_filter.te @@ -1,6 +1,6 @@ #Policy for start_hci_filter type start_hci_filter, domain, device_domain_deprecated; -type start_hci_filter_exec, exec_type, file_type; +type start_hci_filter_exec, exec_type, vendor_file_type, file_type; init_daemon_domain(start_hci_filter); |