mediatek/wembley-sepolicy.git

diff options

author	Shanshan Guo <Shanshan.Guo@mediatek.com>	2020-01-10 16:22:03 +0800
committer	Shanshan Guo <Shanshan.Guo@mediatek.com>	2020-01-10 17:40:44 +0800
commit	86296cf74da59aa881bb2ae8ad868195b67079d5 (patch)
tree	74f3d7b383742c40b0869b9702ceabd94f227258 /r_non_plat/hal_mms.te
parent	053b034ad55c86133fa7d13d4d65016e2e4bd480 (diff)
download	wembley-sepolicy-86296cf74da59aa881bb2ae8ad868195b67079d5.tar.gz

[ALPS04967419] SEPolicy: Add neverallow rule for sysfs

[Detail] Do not allow access to the generic sysfs label. This is too broad. Instead, if access to part of sysfs is desired, it should have a more specific label. TODO: Remove hal_usb/mtk_hal_usb and so on once there are no violations. EX. allow hal_usb sysfs:file write; hal_server_domain(mtk_hal_usb, hal_usb) r_dir_file(hal_wifi, sysfs_type) hal_server_domain(mtk_hal_wifi, hal_wifi) [Solution] 1.Add neverallow rule for sysfs. 2.Remove the conflicting SEPolicies. Change-Id: I304a1a87b23623e320ff7346da9d10a09264152b CR-Id: ALPS04967419 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK

Diffstat (limited to 'r_non_plat/hal_mms.te')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: