| author | Xindong Xu <xindong.xu@amlogic.com> | 2018-01-11 06:59:20 (GMT) |
|---|---|---|
| committer | Xindong Xu <xindong.xu@amlogic.com> | 2018-01-19 04:04:48 (GMT) |
| commit | a85631fa606ddced3a39792484b546d609dedad4 (patch) | |
| tree | cdb52d6bc929f2bb2c214f3d65daf6b6589f5a68 | |
| parent | 3756678643de5c43ae85acb5792da0d5bbd20f1c (diff) | |
| download | common-o-8.0-ref-amlogic.zip common-o-8.0-ref-amlogic.tar.gz common-o-8.0-ref-amlogic.tar.bz2 | |
sepolicy: 8.0 reference bring up [2/6]
PD# 158574
8.0 reference bring up
Change-Id: I02eb3a4a8ca6f07e1ff6cb6c515221f62690d6cb
| -rw-r--r-- | sepolicy/e2fs.te | 8 | ||||
| -rw-r--r-- | sepolicy/hal_cas_default.te | 2 | ||||
| -rw-r--r-- | sepolicy/hal_memtrack_default.te | 8 | ||||
| -rw-r--r-- | sepolicy/mediaprovider.te | 1 | ||||
| -rw-r--r-- | sepolicy/recovery.te | 4 | ||||
| -rw-r--r-- | sepolicy/system_server.te | 4 |
6 files changed, 7 insertions, 20 deletions
diff --git a/sepolicy/e2fs.te b/sepolicy/e2fs.te deleted file mode 100644 index 2c04dcc..0000000 --- a/sepolicy/e2fs.te +++ b/dev/null @@ -1,8 +0,0 @@ -allow e2fs cache_block_device:blk_file { read getattr open ioctl write }; -allow e2fs devpts:chr_file { read write getattr ioctl }; -allow e2fs odm_block_device:blk_file getattr; -allow e2fs system_block_fsck_device:blk_file getattr; -allow e2fs tee_block_device:blk_file { getattr ioctl open read write }; -allow e2fs vendor_block_device:blk_file getattr; -allow e2fs sysfs_fs_ext4_features:dir search; -allow e2fs param_block_device:blk_file { getattr ioctl open read write };
\ No newline at end of file diff --git a/sepolicy/hal_cas_default.te b/sepolicy/hal_cas_default.te deleted file mode 100644 index e390b95..0000000 --- a/sepolicy/hal_cas_default.te +++ b/dev/null @@ -1,2 +0,0 @@ -allow hal_cas_default vndbinder_device:chr_file { read write open ioctl }; - diff --git a/sepolicy/hal_memtrack_default.te b/sepolicy/hal_memtrack_default.te index b7e3882..8c4d43e 100644 --- a/sepolicy/hal_memtrack_default.te +++ b/sepolicy/hal_memtrack_default.te @@ -14,16 +14,16 @@ allow hal_memtrack_default hal_dumpstate_default:dir { search }; allow hal_memtrack_default hal_configstore_default:file { open read getattr }; allow hal_memtrack_default hal_configstore_default:dir { search }; -allow hal_memtrack_default hal_cas_default:dir search; -allow hal_memtrack_default hal_cas_default:file { getattr open read }; +#allow hal_memtrack_default hal_cas_default:dir search; +#allow hal_memtrack_default hal_cas_default:file { getattr open read }; allow hal_memtrack_default hal_health_default:dir search; allow hal_memtrack_default hal_health_default:file { getattr open read }; allow hal_memtrack_default hal_light_default:dir search; allow hal_memtrack_default hal_light_default:file { getattr open read }; allow hal_memtrack_default hal_thermal_default:dir search; allow hal_memtrack_default hal_thermal_default:file { getattr open read }; -allow hal_memtrack_default thermalserviced:dir search; -allow hal_memtrack_default thermalserviced:file { getattr open read }; +#allow hal_memtrack_default thermalserviced:dir search; +#allow hal_memtrack_default thermalserviced:file { getattr open read }; allow hal_memtrack_default { priv_app platform_app untrusted_app su drmserver installd keystore mdnsd isolated_app }:dir { search }; allow hal_memtrack_default { priv_app platform_app untrusted_app su drmserver installd keystore mdnsd isolated_app }:file { read open getattr }; diff --git a/sepolicy/mediaprovider.te b/sepolicy/mediaprovider.te deleted file mode 100644 index 85882e5..0000000 --- a/sepolicy/mediaprovider.te +++ b/dev/null @@ -1 +0,0 @@ -allow mediaprovider media_prop:file { getattr open read }; diff --git a/sepolicy/recovery.te b/sepolicy/recovery.te index c60ad7d..80a25b0 100644 --- a/sepolicy/recovery.te +++ b/sepolicy/recovery.te @@ -27,8 +27,8 @@ allow recovery aml_display_prop:file {open read getattr}; allow recovery uboot_prop:file {open read getattr}; allow recovery self:capability2 syslog; -allow recovery sysfs_fs_ext4_features:dir search; -allow recovery sysfs_fs_ext4_features:file read; +#allow recovery sysfs_fs_ext4_features:dir search; +#allow recovery sysfs_fs_ext4_features:file read; #allow recovery update_data_file:file rw_file_perms; #allow recovery update_data_file:dir { search read write open }; diff --git a/sepolicy/system_server.te b/sepolicy/system_server.te index 21fdcbc..7824dca 100644 --- a/sepolicy/system_server.te +++ b/sepolicy/system_server.te @@ -48,6 +48,4 @@ allow system_server hidraw_device:chr_file {open read write ioctl}; allow system_server audio_prop:property_service { set }; allow system_server uhid_device:chr_file { write open ioctl }; -allow system_server hal_audio_default:file write; - -allow system_server mediaprovider:file { write open };
\ No newline at end of file +allow system_server hal_audio_default:file write;
\ No newline at end of file |