am57xevm: sepolicy: Mark sp-hal files

Mark /system/lib/vndk-sp/hw path as 'sp-hal' namespace. This patch fixes SELinux messages like: avc: denied { open } for pid=222 comm="HwBinder:222_5" path="/system/lib/vndk-sp/hw" dev="mmcblk1p10" ino=799 scontext=u:r:mediacodec:s0 tcontext=u:object_r:system_file:s0 tclass=dir permissive=1 Signed-off-by: Ruslan Trofymenko <ruslan.trofymenko@linaro.org> Acked-by: Mykhailo Sopiha <mykhailo.sopiha@linaro.org>
author: Ruslan Trofymenko <ruslan.trofymenko@linaro.org> 2018-10-08 19:30:59 +0000
committer: Praneeth Bajjuri <praneeth@ti.com> 2018-10-12 08:50:32 -0500
commit: 2c065081dba77908050c267c1ea806a46ae64e4b (patch)
tree: ee2565bd6d3de158585fee90cd5b34cc5198dced
parent: c051779531b0d23210cccc9bfd728350293ddd85 (diff)
download: am57xevm-2c065081dba77908050c267c1ea806a46ae64e4b.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 835bcbf..f25f6e9 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -35,6 +35,8 @@
 /sys/class/uio/uio[0-9](/.*)?   u:object_r:sysfs_uio:s0
 /sys/devices/platform/bfb00000\.sr0/uio/uio[0-9](/.*)? u:object_r:sysfs_uio:s0
 
+/system/lib/vndk-sp/hw(/.*)?    u:object_r:same_process_hal_file:s0
+
 #Block devices
 /dev/block/platform/44000000.ocp/480b4000.mmc/by-name/system     u:object_r:system_block_device:s0
 /dev/block/platform/44000000.ocp/480b4000.mmc/by-name/recovery   u:object_r:recovery_block_device:s0
author	Ruslan Trofymenko <ruslan.trofymenko@linaro.org>	2018-10-08 19:30:59 +0000
committer	Praneeth Bajjuri <praneeth@ti.com>	2018-10-12 08:50:32 -0500
commit	2c065081dba77908050c267c1ea806a46ae64e4b (patch)
tree	ee2565bd6d3de158585fee90cd5b34cc5198dced
parent	c051779531b0d23210cccc9bfd728350293ddd85 (diff)
download	am57xevm-2c065081dba77908050c267c1ea806a46ae64e4b.tar.gz