LenovoZ5s/device_lenovo_sdm710-common
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sdm710-common: sepolicy: Address neverallows

Browse source
This commit is contained in:
luca020400 2019-08-29 10:10:20 +00:00 committed by SamarV-121
parent d315f08575
commit 3e5e42415f
3 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
sepolicy/private/file.te
View file

@ -2,5 +2,5 @@ type adsprpcd_file, file_type;
type bt_firmware_file, file_type;
type firmware_file, file_type;
type persist_file, file_type;
type sysfs_graphics, sysfs_type, fs_type;
type sysfs_white_led, sysfs_type, fs_type;

1
sepolicy/private/file_contexts
View file

@ -6,3 +6,4 @@
/dsp(/.*)? u:object_r:adsprpcd_file:s0
/firmware(/.*)? u:object_r:firmware_file:s0
/persist(/.*)? u:object_r:persist_file:s0

2
sepolicy/private/init.te Normal file
View file

@ -0,0 +1,2 @@
# Allow init to chown/chmod on pseudo files in /sys
allow init sysfs_graphics:file { open read setattr };