diff options
| author | Yifei Qiao <yifei.qiao@mediatek.com> | 2019-07-18 10:00:29 +0800 |
|---|---|---|
| committer | Yifei Qiao <yifei.qiao@mediatek.com> | 2019-07-18 10:00:29 +0800 |
| commit | dae651f326659fe6952fef60ffedff0b7ba3179a (patch) | |
| tree | 55d0dfe2466cfa66dd2992d15f51bbce462c50f3 /prebuilts | |
| parent | b57e8629a67bc5e37251ea6ed582d8d89e09fad9 (diff) | |
| download | wembley-sepolicy-dae651f326659fe6952fef60ffedff0b7ba3179a.tar.gz | |
[ALPS04700799] Align keymanager sepolicy with p0.mp6
Align keymanager sepolicy with p0.mp6
MTK-Commit-Id: 24a187bc32e2be7663abb880c07659834d71f4b0
Change-Id: Ia98525be2155dcf3261633d1e6c25a775426068d
CR-Id: ALPS04700799
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
Diffstat (limited to 'prebuilts')
| -rwxr-xr-x | prebuilts/api/26.0/plat_private/file_contexts | 4 | ||||
| -rwxr-xr-x | prebuilts/api/26.0/plat_private/kisd.te | 31 | ||||
| -rwxr-xr-x | prebuilts/api/26.0/plat_public/device.te | 6 | ||||
| -rwxr-xr-x | prebuilts/api/26.0/plat_public/file.te | 7 | ||||
| -rwxr-xr-x | prebuilts/api/26.0/plat_public/kisd.te | 9 |
5 files changed, 0 insertions, 57 deletions
diff --git a/prebuilts/api/26.0/plat_private/file_contexts b/prebuilts/api/26.0/plat_private/file_contexts index 47caa62..dbc2923 100755 --- a/prebuilts/api/26.0/plat_private/file_contexts +++ b/prebuilts/api/26.0/plat_private/file_contexts @@ -22,7 +22,6 @@ /system/bin/audiocmdservice_atci u:object_r:audiocmdservice_atci_exec:s0 /system/bin/boot_logo_updater u:object_r:boot_logo_updater_exec:s0 /system/bin/meta_tst u:object_r:meta_tst_exec:s0 -/(system\/vendor|vendor)/bin/kisd u:object_r:kisd_exec:s0 /system/bin/pre_meta u:object_r:pre_meta_exec:s0 /system/bin/factory u:object_r:factory_exec:s0 @@ -30,9 +29,6 @@ /(system\/vendor|vendor)/bin/aee_aedv u:object_r:aee_aedv_exec:s0 /(system\/vendor|vendor)/bin/aee_aedv64 u:object_r:aee_aedv_exec:s0 -# kisd for Key Manager -/data/vendor/key_provisioning(/.*)? u:object_r:key_install_data_file:s0 - # storagemanager daemon # it is used to mount all storages in meta/factory mode /system/bin/storagemanagerd u:object_r:storagemanagerd_exec:s0 diff --git a/prebuilts/api/26.0/plat_private/kisd.te b/prebuilts/api/26.0/plat_private/kisd.te deleted file mode 100755 index 4a46812..0000000 --- a/prebuilts/api/26.0/plat_private/kisd.te +++ /dev/null @@ -1,31 +0,0 @@ -# ============================================== -# Policy File of /vendor/bin/kisd Executable File - - -# ============================================== -# Type Declaration -# ============================================== - -type kisd_exec, exec_type, file_type, vendor_file_type; -typeattribute kisd mlstrustedsubject; - -# ============================================== -# MTK Policy Rule -# ============================================== - -init_daemon_domain(kisd) - -allow kisd tee_device:chr_file {read write open ioctl}; -allow kisd provision_file:dir {read write open ioctl add_name search remove_name}; -allow kisd provision_file:file {create read write open getattr unlink}; -#allow kisd system_file:file {execute_no_trans}; -allow kisd block_device:dir {read write open ioctl search}; -allow kisd kb_block_device:blk_file {read write open ioctl getattr}; -allow kisd dkb_block_device:blk_file {read write open ioctl getattr}; -allow kisd key_install_data_file:dir {write remove_name add_name}; -allow kisd key_install_data_file:file {write getattr read create unlink open}; -allow kisd key_install_data_file:dir search; -allow kisd mtd_device:chr_file { open read write }; -allow kisd mtd_device:dir { search }; -allow kisd kb_block_device:chr_file {read write open ioctl getattr}; -allow kisd dkb_block_device:chr_file {read write open ioctl getattr}; diff --git a/prebuilts/api/26.0/plat_public/device.te b/prebuilts/api/26.0/plat_public/device.te deleted file mode 100755 index c034b64..0000000 --- a/prebuilts/api/26.0/plat_public/device.te +++ /dev/null @@ -1,6 +0,0 @@ -# ============================================== -# MTK Policy Rule -# ============================================== - -type kb_block_device,dev_type; -type dkb_block_device,dev_type;
\ No newline at end of file diff --git a/prebuilts/api/26.0/plat_public/file.te b/prebuilts/api/26.0/plat_public/file.te deleted file mode 100755 index 751fb0f..0000000 --- a/prebuilts/api/26.0/plat_public/file.te +++ /dev/null @@ -1,7 +0,0 @@ -# ============================================== -# MTK Policy Rule -# ============================================== - -#for drm key install -type provision_file, file_type, data_file_type; -type key_install_data_file, file_type, data_file_type; diff --git a/prebuilts/api/26.0/plat_public/kisd.te b/prebuilts/api/26.0/plat_public/kisd.te deleted file mode 100755 index 40ae7e3..0000000 --- a/prebuilts/api/26.0/plat_public/kisd.te +++ /dev/null @@ -1,9 +0,0 @@ -# ============================================== -# Policy File of /vendor/bin/kisd Executable File - - -# ============================================== -# Type Declaration -# ============================================== - -type kisd ,domain; |