sepolicy/init.te: update sepolicy rules for marshmallow

updated for following warnings: avc: denied { create } for pid=1 comm="init" name="sdcard" scontext=u:r:init:s0 tcontext=u:object_r:tmpfs:s0 tclass=lnk_file permissive=1 avc: denied { mounton } for pid=1 comm="init" path="/cache" dev="rootfs" ino=73 scontext=u:r:init:s0 tcontext=u:object_r:cache_file:s0 tclass=dir permissive=1 avc: denied { mounton } for pid=1 comm="init" path="/storage" dev="rootfs" ino=73 scontext=u:r:init:s0 tcontext=u:object_r:storage_file:s0 tclass=dir permissive=1 Change-Id: I454c559c7f5fd649db66d920ec8c96a3aba24288 Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>
author: Yongqin Liu <yongqin.liu@linaro.org> 2015-10-20 15:37:50 +0100
committer: Yongqin Liu <yongqin.liu@linaro.org> 2015-10-20 15:37:50 +0100
commit: bca322e6a71240259a9f95a5125b202237edd84d (patch)
tree: 69f249d66c9894a665cd98c7709063e07fbe454a
parent: 11f4c3ddb2cec141778a0ecc28d49e7b43d137a0 (diff)
download: common-bca322e6a71240259a9f95a5125b202237edd84d.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/sepolicy/init.te b/sepolicy/init.te
index a8cca76..5bb167a 100644
--- a/sepolicy/init.te
+++ b/sepolicy/init.te
@@ -5,3 +5,7 @@ allow init self:capability { sys_module };
 allow init self:tcp_socket create;
 allow init gatord:process { transition rlimitinh siginh };
 allow init kernel:system module_request;
+
+allow init tmpfs:lnk_file create_file_perms;
+allow init cache_file:dir mounton;
+allow init storage_file:dir mounton;
author	Yongqin Liu <yongqin.liu@linaro.org>	2015-10-20 15:37:50 +0100
committer	Yongqin Liu <yongqin.liu@linaro.org>	2015-10-20 15:37:50 +0100
commit	bca322e6a71240259a9f95a5125b202237edd84d (patch)
tree	69f249d66c9894a665cd98c7709063e07fbe454a
parent	11f4c3ddb2cec141778a0ecc28d49e7b43d137a0 (diff)
download	common-bca322e6a71240259a9f95a5125b202237edd84d.tar.gz