diff options
author | Vishal Mahaveer <vishalm@ti.com> | 2016-10-12 14:32:01 -0400 |
---|---|---|
committer | Misael Lopez Cruz <misael.lopez@ti.com> | 2016-11-30 17:13:18 -0600 |
commit | 342b8c84f0ca33f24a08186e8c8de94238fa6da6 (patch) | |
tree | 8b6b2cecc1df335c92472ff819ff86dd11b61d66 | |
parent | 1bb92e34bccd5a221b5e32c6ededf633b3678b51 (diff) | |
download | jacinto6evm-342b8c84f0ca33f24a08186e8c8de94238fa6da6.tar.gz |
jacinto6evm: sepolicy: initial sepolicy rules for lad daemon
Initial rules for lad_dra7xx daemon
Change-Id: I4cff5b47bf978dc87c05bc43926b34899981eefb
Signed-off-by: Vishal Mahaveer <vishalm@ti.com>
-rw-r--r-- | sepolicy/device.te | 2 | ||||
-rw-r--r-- | sepolicy/file_contexts | 8 | ||||
-rw-r--r-- | sepolicy/lad_dra7xx.te | 17 |
3 files changed, 27 insertions, 0 deletions
diff --git a/sepolicy/device.te b/sepolicy/device.te index 1489b07..9af3309 100644 --- a/sepolicy/device.te +++ b/sepolicy/device.te @@ -1,2 +1,4 @@ type bluetooth_control, dev_type; type rtc, dev_type; +type hwspinlock_dev, dev_type; +type uio_dev, dev_type; diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index 6ac1f73..68f966c 100644 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -25,6 +25,14 @@ #cpuset script /system/bin/init.jacinto6evmboard.cpuset.sh u:object_r:init-cpuset-sh_exec:s0 +#lad_dra7xx +/system/bin/lad_dra7xx u:object_r:lad_dra7xx_exec:s0 +/data/lad(/.*)? u:object_r:lad_data_file:s0 + +#hwspinlock and uio +/dev/hwspinlock u:object_r:hwspinlock_dev:s0 +/dev/uio0 u:object_r:uio_dev:s0 + #Block devices /dev/block/platform/44000000.ocp/480b4000.mmc/by-name/system u:object_r:system_block_device:s0 /dev/block/platform/44000000.ocp/480b4000.mmc/by-name/recovery u:object_r:recovery_block_device:s0 diff --git a/sepolicy/lad_dra7xx.te b/sepolicy/lad_dra7xx.te new file mode 100644 index 0000000..a5ea3a4 --- /dev/null +++ b/sepolicy/lad_dra7xx.te @@ -0,0 +1,17 @@ +type lad_dra7xx, domain; +type lad_dra7xx_exec, exec_type, file_type; +type lad_data_file, file_type, data_file_type; + +# Started by init +init_daemon_domain(lad_dra7xx) + +# Allow access to /data/lad +allow lad_dra7xx devpts:chr_file {read write ioctl getattr }; +allow lad_dra7xx lad_data_file:dir { create_dir_perms }; +allow lad_dra7xx lad_data_file:fifo_file { create_file_perms }; +allow lad_dra7xx self:socket { create_socket_perms }; + +# Allow access to hwspinlock and uio device +allow lad_dra7xx hwspinlock_dev:chr_file { rw_file_perms }; +allow lad_dra7xx uio_dev:chr_file { rw_file_perms }; +allow lad_dra7xx sysfs:file { r_file_perms }; |