diff options
| author | Michael Bestas <mkbestas@gmail.com> | 2023-05-11 19:02:30 +0300 |
|---|---|---|
| committer | Siluxsept <ronny.horn.rh@gmail.com> | 2023-06-08 17:12:26 +0200 |
| commit | 1150eaeccaf64df211cabca6451d8bf502f8c40b (patch) | |
| tree | ce3c2872ed040cc10f79a5b6e957b5bf706e2d64 | |
| parent | ce104fa1c565a6038ecba186fa1e1e5ccf2ed266 (diff) | |
sepolicy: Restrict access to /sys/devices/soc0/serial_number
Change-Id: I6254ef6e160ff0d3c3ce2e51f20f557e75826dff
| -rw-r--r-- | sepolicy/vendor/qcom/common/file.te | 1 | ||||
| -rw-r--r-- | sepolicy/vendor/qcom/common/genfs_contexts | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/sepolicy/vendor/qcom/common/file.te b/sepolicy/vendor/qcom/common/file.te index 5ca58bab..48047a39 100644 --- a/sepolicy/vendor/qcom/common/file.te +++ b/sepolicy/vendor/qcom/common/file.te @@ -13,6 +13,7 @@ type sysfs_msm_wlan, sysfs_type, fs_type; type sysfs_poweroff, sysfs_type, fs_type; type sysfs_rmtfs, sysfs_type, fs_type; type sysfs_soc, sysfs_type, fs_type; +type sysfs_soc_sensitive, sysfs_type, fs_type; type sysfs_scsi_devices_0000, sysfs_type, fs_type; type sysfs_scsi_devices_other, sysfs_type, fs_type; type sysfs_mmc, sysfs_type, fs_type; diff --git a/sepolicy/vendor/qcom/common/genfs_contexts b/sepolicy/vendor/qcom/common/genfs_contexts index aa41aaba..cf789191 100644 --- a/sepolicy/vendor/qcom/common/genfs_contexts +++ b/sepolicy/vendor/qcom/common/genfs_contexts @@ -65,6 +65,7 @@ genfscon sysfs /module/diagchar/parameters/timestamp_switch u:object genfscon sysfs /devices/virtual/graphics/fb0 u:object_r:sysfs_graphics:s0 genfscon sysfs /devices/virtual/graphics/fb1 u:object_r:sysfs_graphics:s0 genfscon sysfs /devices/soc0 u:object_r:sysfs_soc:s0 +genfscon sysfs /devices/soc0/serial_number u:object_r:sysfs_soc_sensitive:s0 genfscon sysfs /devices/virtual/misc/mnh_sm u:object_r:sysfs_easel:s0 genfscon sysfs /devices/platform/soc/a88000.i2c/i2c-0/0-0066 u:object_r:sysfs_easel:s0 genfscon sysfs /devices/platform/soc/ac5a000.qcom,fd u:object_r:sysfs_camera:s0 |