From f66c3a3f04f29ae2e96fcbfc49d660029836a26c Mon Sep 17 00:00:00 2001 From: Arian Date: Wed, 4 Sep 2019 19:40:33 +0200 Subject: [PATCH] sdm660: Disable sepolicy and Add minimal sepolicy --- BoardConfigCommon.mk | 9 +++++---- sepolicy-minimal/file.te | 4 ++++ sepolicy-minimal/file_contexts | 5 +++++ 3 files changed, 14 insertions(+), 4 deletions(-) create mode 100644 sepolicy-minimal/file.te create mode 100644 sepolicy-minimal/file_contexts diff --git a/BoardConfigCommon.mk b/BoardConfigCommon.mk index d92878a3..c510ea26 100644 --- a/BoardConfigCommon.mk +++ b/BoardConfigCommon.mk @@ -277,10 +277,11 @@ PROTOBUF_SUPPORTED := true BOARD_USES_QC_TIME_SERVICES := true # SELinux -include device/qcom/sepolicy/sepolicy.mk -BOARD_SEPOLICY_DIRS += $(COMMON_PATH)/sepolicy/vendor -BOARD_PLAT_PUBLIC_SEPOLICY_DIR += $(COMMON_PATH)/sepolicy/public -BOARD_PLAT_PRIVATE_SEPOLICY_DIR += $(COMMON_PATH)/sepolicy/private +# include device/qcom/sepolicy/sepolicy.mk +# BOARD_SEPOLICY_DIRS += $(COMMON_PATH)/sepolicy/vendor +# BOARD_PLAT_PUBLIC_SEPOLICY_DIR += $(COMMON_PATH)/sepolicy/public +# BOARD_PLAT_PRIVATE_SEPOLICY_DIR += $(COMMON_PATH)/sepolicy/private +BOARD_SEPOLICY_DIRS += $(COMMON_PATH)/sepolicy-minimal # Telephony TARGET_USES_ALTERNATIVE_MANUAL_NETWORK_SELECT := true diff --git a/sepolicy-minimal/file.te b/sepolicy-minimal/file.te new file mode 100644 index 00000000..d74de020 --- /dev/null +++ b/sepolicy-minimal/file.te @@ -0,0 +1,4 @@ +type adsprpcd_file, file_type; +type bt_firmware_file, file_type; +type firmware_file, file_type; +type persist_file, file_type; diff --git a/sepolicy-minimal/file_contexts b/sepolicy-minimal/file_contexts new file mode 100644 index 00000000..bfec23e6 --- /dev/null +++ b/sepolicy-minimal/file_contexts @@ -0,0 +1,5 @@ +# Root Symlinks +/bt_firmware(/.*)? u:object_r:bt_firmware_file:s0 +/dsp(/.*)? u:object_r:adsprpcd_file:s0 +/firmware(/.*)? u:object_r:firmware_file:s0 +/persist(/.*)? u:object_r:persist_file:s0