diff options
author | Inseob Kim <inseob@google.com> | 2020-12-15 16:30:40 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2020-12-15 16:30:40 +0000 |
commit | e1f9cd311ecc0fc457bbdbee987eb2f4d0fe5228 (patch) | |
tree | 7cb53d2b35110c2de5389df2c862a06d59b30055 | |
parent | a83fa3eedfcc1d87ad92a03e7a57fd9119633fab (diff) | |
parent | 2e0ec6140b69cd3f285482f4ca3422bd80c91314 (diff) | |
download | poplar-e1f9cd311ecc0fc457bbdbee987eb2f4d0fe5228.tar.gz |
Fix selinux denials am: 8f4bb060df am: 7e4b3d3e8f am: 2e0ec6140b
Original change: https://android-review.googlesource.com/c/device/linaro/poplar/+/1526763
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I478634c105c2b04a38cb5bcefea1f4cb9fd419ff
-rw-r--r-- | sepolicy/hal_graphics_composer_default.te | 2 | ||||
-rw-r--r-- | sepolicy/system_app.te | 1 | ||||
-rw-r--r-- | sepolicy/untrusted_app.te | 1 |
3 files changed, 0 insertions, 4 deletions
diff --git a/sepolicy/hal_graphics_composer_default.te b/sepolicy/hal_graphics_composer_default.te index 387e0d1..31d5438 100644 --- a/sepolicy/hal_graphics_composer_default.te +++ b/sepolicy/hal_graphics_composer_default.te @@ -12,8 +12,6 @@ allow hal_graphics_composer_default hi_vdec_device:chr_file { read write open io allow hal_graphics_composer_default hi_pq_device:chr_file { read write open ioctl}; allow hal_graphics_composer_default hi_disp_device:chr_file { read write open ioctl}; allow hal_graphics_composer_default hi_sys_device:chr_file { read write open ioctl}; -allow hal_graphics_composer_default system_prop:property_service { set }; -allow hal_graphics_composer_default config_prop:property_service { set }; allow hal_graphics_composer_default vndbinder_device:chr_file { read write open ioctl }; #allow hal_graphics_composer_default hal_graphics_allocator_hwservice:hwservice_manager { find }; allow hal_graphics_composer_default hal_graphics_allocator_default:binder { call }; diff --git a/sepolicy/system_app.te b/sepolicy/system_app.te index 28378ca..24fbe74 100644 --- a/sepolicy/system_app.te +++ b/sepolicy/system_app.te @@ -1,4 +1,3 @@ -set_prop(system_app, hisi_prop) allow system_app mali_device:chr_file { getattr ioctl open read write }; allow system_app hi_vdec_device:chr_file { getattr read write open ioctl }; diff --git a/sepolicy/untrusted_app.te b/sepolicy/untrusted_app.te index ffb9336..4035dd4 100644 --- a/sepolicy/untrusted_app.te +++ b/sepolicy/untrusted_app.te @@ -19,7 +19,6 @@ allow untrusted_app { audio_device tombstone_data_file }:dir { getattr read search }; allow untrusted_app hi_userdata_block_device:blk_file { getattr }; -allow untrusted_app fs_bpf:dir { add_name search write }; allow untrusted_app block_device:{ dir blk_file } { getattr }; allow untrusted_app mali_device:chr_file { getattr ioctl open read write }; allow untrusted_app pstorefs:dir { search }; |