From 06d687c9dbd8e357bb07eb63932c1774a8fe9a24 Mon Sep 17 00:00:00 2001 From: Artem Borisov Date: Mon, 31 Dec 2018 22:56:20 +0400 Subject: [PATCH] sdm660-common: sepolicy: Resolve init_fingerprint denials Change-Id: Id82f4c6440aeed6a7be6182792c40513102c9f28 Signed-off-by: Akhil Narang --- sepolicy/vendor/file_contexts | 2 +- sepolicy/vendor/init_fingerprint.te | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/sepolicy/vendor/file_contexts b/sepolicy/vendor/file_contexts index e6fdd86a..6c9546d0 100644 --- a/sepolicy/vendor/file_contexts +++ b/sepolicy/vendor/file_contexts @@ -12,7 +12,7 @@ # FPC Fingerprint /data/vendor/fpc(/.*)? u:object_r:fingerprint_vendor_data_file:s0 -/persist/fpc(/.*)? u:object_r:persist_fingerprint_file:s0 +/(mnt/vendor)/persist/fpc(/.*)? u:object_r:persist_fingerprint_file:s0 /sys/devices/soc/soc:fpc1020(/.*)? u:object_r:fingerprint_sysfs:s0 # HVDCP diff --git a/sepolicy/vendor/init_fingerprint.te b/sepolicy/vendor/init_fingerprint.te index b45cdd6c..72a57a47 100644 --- a/sepolicy/vendor/init_fingerprint.te +++ b/sepolicy/vendor/init_fingerprint.te @@ -9,6 +9,6 @@ allow init_fingerprint vendor_shell_exec:file rx_file_perms; allow init_fingerprint vendor_toolbox_exec:file rx_file_perms; # Allow to delete file -allow init_fingerprint persist_file:dir search; +allow init_fingerprint mnt_vendor_file:dir search; allow init_fingerprint persist_drm_file:dir { read search open write remove_name }; allow init_fingerprint persist_drm_file:file { getattr unlink }; \ No newline at end of file