diff options
author | Inseob Kim <inseob@google.com> | 2020-12-15 15:52:45 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2020-12-15 15:52:45 +0000 |
commit | 7e4b3d3e8f461ca1ab9f717003b07a0d41011726 (patch) | |
tree | 7cb53d2b35110c2de5389df2c862a06d59b30055 | |
parent | 5c901074928e66a9938e8f5c2d70f5cec607ee5d (diff) | |
parent | 8f4bb060df4ccc309f7a628ba2f9be0c20477e72 (diff) | |
download | poplar-7e4b3d3e8f461ca1ab9f717003b07a0d41011726.tar.gz |
Fix selinux denials am: 8f4bb060df
Original change: https://android-review.googlesource.com/c/device/linaro/poplar/+/1526763
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I08eed0b7cf11440ad0f1033d09851a65b0508784
-rw-r--r-- | sepolicy/hal_graphics_composer_default.te | 2 | ||||
-rw-r--r-- | sepolicy/system_app.te | 1 | ||||
-rw-r--r-- | sepolicy/untrusted_app.te | 1 |
3 files changed, 0 insertions, 4 deletions
diff --git a/sepolicy/hal_graphics_composer_default.te b/sepolicy/hal_graphics_composer_default.te index 387e0d1..31d5438 100644 --- a/sepolicy/hal_graphics_composer_default.te +++ b/sepolicy/hal_graphics_composer_default.te @@ -12,8 +12,6 @@ allow hal_graphics_composer_default hi_vdec_device:chr_file { read write open io allow hal_graphics_composer_default hi_pq_device:chr_file { read write open ioctl}; allow hal_graphics_composer_default hi_disp_device:chr_file { read write open ioctl}; allow hal_graphics_composer_default hi_sys_device:chr_file { read write open ioctl}; -allow hal_graphics_composer_default system_prop:property_service { set }; -allow hal_graphics_composer_default config_prop:property_service { set }; allow hal_graphics_composer_default vndbinder_device:chr_file { read write open ioctl }; #allow hal_graphics_composer_default hal_graphics_allocator_hwservice:hwservice_manager { find }; allow hal_graphics_composer_default hal_graphics_allocator_default:binder { call }; diff --git a/sepolicy/system_app.te b/sepolicy/system_app.te index 28378ca..24fbe74 100644 --- a/sepolicy/system_app.te +++ b/sepolicy/system_app.te @@ -1,4 +1,3 @@ -set_prop(system_app, hisi_prop) allow system_app mali_device:chr_file { getattr ioctl open read write }; allow system_app hi_vdec_device:chr_file { getattr read write open ioctl }; diff --git a/sepolicy/untrusted_app.te b/sepolicy/untrusted_app.te index ffb9336..4035dd4 100644 --- a/sepolicy/untrusted_app.te +++ b/sepolicy/untrusted_app.te @@ -19,7 +19,6 @@ allow untrusted_app { audio_device tombstone_data_file }:dir { getattr read search }; allow untrusted_app hi_userdata_block_device:blk_file { getattr }; -allow untrusted_app fs_bpf:dir { add_name search write }; allow untrusted_app block_device:{ dir blk_file } { getattr }; allow untrusted_app mali_device:chr_file { getattr ioctl open read write }; allow untrusted_app pstorefs:dir { search }; |