| author | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2020-02-13 14:09:57 (GMT) |
|---|---|---|
| committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2020-02-13 14:09:57 (GMT) |
| commit | 960ad133385fb1f3aedca25ebbd0ae5989b24310 (patch) | |
| tree | 84e103c8a64f470c3c8cc7179b7369c336ca8bd6 | |
| parent | 6afdee293779380db3c8ee83f06bccfa31185bf0 (diff) | |
| parent | 678673300fac46fa2dd4df4206a23e94d822d19f (diff) | |
| download | common-960ad133385fb1f3aedca25ebbd0ae5989b24310.zip common-960ad133385fb1f3aedca25ebbd0ae5989b24310.tar.gz common-960ad133385fb1f3aedca25ebbd0ae5989b24310.tar.bz2 | |
Merge "hal_memtrack_default: selinux permission for EGL&GL mem track [1/3]" into q-tv-dev am: 678673300f
Change-Id: I4de74a3a713cc8b39a5327633587a40c100ce8f6
| -rwxr-xr-x | sepolicy/file.te | 2 | ||||
| -rwxr-xr-x | sepolicy/file_contexts | 2 | ||||
| -rwxr-xr-x | sepolicy/genfs_contexts | 2 | ||||
| -rw-r--r-- | sepolicy/hal_memtrack_default.te | 7 |
4 files changed, 13 insertions, 0 deletions
diff --git a/sepolicy/file.te b/sepolicy/file.te index 53dfbc7..795e6c3 100755 --- a/sepolicy/file.te +++ b/sepolicy/file.te @@ -5,6 +5,8 @@ type iso9660, sdcard_type, fs_type; type udf,sdcard_type, fs_type; #type proc_mounts, fs_type; type debugfs_mali, fs_type, sysfs_type, debugfs_type; +type sysfs_mali, fs_type, sysfs_type; +type debugfs_ion, fs_type, sysfs_type, debugfs_type; type pppoe_wrapper_socket, file_type; diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index a3d9f80..138f7b8 100755 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -250,6 +250,8 @@ /dev/graphics/fb0 u:object_r:sysfs_display:s0 /dev/graphics/fb1 u:object_r:sysfs_display:s0 +/sys/devices/platform/ffe40000.bifrost/mem_pool_size u:object_r:sysfs_mali:s0 + /sys/devices/system/clocksource/clocksource0/current_clocksource u:object_r:sysfs_clock:s0 /sys/devices/platform/rtc/rtc/rtc0/hctosys u:object_r:sysfs_rtc:s0 diff --git a/sepolicy/genfs_contexts b/sepolicy/genfs_contexts index 12636ad..58889f5 100755 --- a/sepolicy/genfs_contexts +++ b/sepolicy/genfs_contexts @@ -8,6 +8,8 @@ genfscon proc /bluetooth/sleep/btwrite u:object_r:proc_bluetooth_writable:s0 #genfscon ntfs / u:object_r:ntfs:s0 #genfscon exfat / u:object_r:exfat:s0 genfscon debugfs /mali0 u:object_r:debugfs_mali:s0 +genfscon debugfs /mali0/ctx u:object_r:debugfs_mali:s0 +genfscon debugfs /ion/heaps u:object_r:debugfs_ion:s0 genfscon proc /sys/vm/watermark_scale_factor u:object_r:proc_vm_writable:s0 genfscon proc /sys/vm/min_free_kbytes u:object_r:proc_vm_writable:s0 genfscon sysfs /class/astream u:object_r:sysfs_astream:s0 diff --git a/sepolicy/hal_memtrack_default.te b/sepolicy/hal_memtrack_default.te index a69e3b5..fc60ab8 100644 --- a/sepolicy/hal_memtrack_default.te +++ b/sepolicy/hal_memtrack_default.te @@ -1,6 +1,13 @@ typeattribute hal_memtrack_default mlstrustedsubject; +allow hal_memtrack_default debugfs:dir { read open }; +allow hal_memtrack_default sysfs:file { r_file_perms }; + allow hal_memtrack_default debugfs_mali:dir { search r_dir_perms}; +allow hal_memtrack_default debugfs_ion:dir { search read open }; + allow hal_memtrack_default debugfs_mali:file r_file_perms; +allow hal_memtrack_default debugfs_ion:file { r_file_perms }; +allow hal_memtrack_default sysfs_mali:file { r_file_perms }; r_dir_file(hal_memtrack_default, domain) |