diff options
| author | Louis Popi <theh2o64@gmail.com> | 2017-06-28 18:00:27 +0200 |
|---|---|---|
| committer | mayankbali <mayankbali3@gmail.com> | 2017-07-10 20:28:02 +0530 |
| commit | c0382b76c4d2b9f1f74dd7cb9247f0b9dcfe6512 (patch) | |
| tree | 26f185a068bfe773cc9e3f56b9c97119dc20940f | |
| parent | 173e2a24ad622520fcdd5a1e4c15752f650dd8b3 (diff) | |
msm8916-common: Adress sepolicy issues
[ 9.385228] type=1400 audit(232341.949:9): avc: denied { read write } for pid=319 comm="qmuxd" name="diag" dev="tmpfs" ino=3955 scontext=u:r:qmuxd:s0 tcontext=u:object_r:diag_device:s0 tclass=chr_file permissive=0
[ 46.353785] type=1400 audit(1498635921.459:11): avc: denied { search } for pid=334 comm="mediacodec" name="/" dev="mmcblk0p1" ino=1 scontext=u:r:mediacodec:s0 tcontext=u:object_r:firmware_file:s0 tclass=dir permissive=0
[ 46.399228] type=1400 audit(1498635921.509:12): avc: denied { search } for pid=334 comm="mediacodec" name="/" dev="mmcblk0p1" ino=1 scontext=u:r:mediacodec:s0 tcontext=u:object_r:firmware_file:s0 tclass=dir permissive=0
[ 46.542030] type=1400 audit(1498635921.649:13): avc: denied { search } for pid=334 comm="mediacodec" name="/" dev="mmcblk0p1" ino=1 scontext=u:r:mediacodec:s0 tcontext=u:object_r:firmware_file:s0 tclass=dir permissive=0
[ 46.559826] type=1400 audit(1498635921.669:14): avc: denied { search } for pid=334 comm="mediacodec" name="/" dev="mmcblk0p1" ino=1 scontext=u:r:mediacodec:s0 tcontext=u:object_r:firmware_file:s0 tclass=dir permissive=0
[ 46.950779] type=1400 audit(1498635922.059:15): avc: denied { read } for pid=1514 comm="system_server" name="fonts.xml" dev="mmcblk0p29" ino=707793 scontext=u:r:system_server:s0 tcontext=u:object_r:theme_data_file:s0 tclass=file permissive=0
| -rw-r--r-- | sepolicy/mediacodec.te | 2 | ||||
| -rw-r--r-- | sepolicy/qmuxd.te | 2 | ||||
| -rw-r--r-- | sepolicy/system_server.te | 2 |
3 files changed, 6 insertions, 0 deletions
diff --git a/sepolicy/mediacodec.te b/sepolicy/mediacodec.te new file mode 100644 index 0000000..388e311 --- /dev/null +++ b/sepolicy/mediacodec.te @@ -0,0 +1,2 @@ +allow mediacodec firmware_file:dir search; + diff --git a/sepolicy/qmuxd.te b/sepolicy/qmuxd.te new file mode 100644 index 0000000..6309e0e --- /dev/null +++ b/sepolicy/qmuxd.te @@ -0,0 +1,2 @@ +allow qmuxd diag_device:chr_file { read write }; + diff --git a/sepolicy/system_server.te b/sepolicy/system_server.te new file mode 100644 index 0000000..e7e305c --- /dev/null +++ b/sepolicy/system_server.te @@ -0,0 +1,2 @@ +# Theme Manager +allow system_server theme_data_file:file read; |