summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--sepolicy/file.te7
-rw-r--r--sepolicy/file_contexts16
-rw-r--r--sepolicy/idd.te13
3 files changed, 36 insertions, 0 deletions
diff --git a/sepolicy/file.te b/sepolicy/file.te
index 1fbdf98..3b612b6 100644
--- a/sepolicy/file.te
+++ b/sepolicy/file.te
@@ -1 +1,8 @@
type sysfs_vibrator, fs_type, sysfs_type;
+
+# TAD
+type secd_socket, file_type;
+type secd_data_file, file_type;
+
+# idd
+type iddd_file, file_type, data_file_type;
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index ecc8452..7b54068 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -10,3 +10,19 @@
# Hardware tunables
/sys/devices/virtual/timed_output/vibrator/vtg_level -- u:object_r:sysfs_vibrator:s0
+
+#iddd
+/system/bin/iddd u:object_r:iddd_exec:s0
+/idd(/.*)? u:object_r:iddd_file:s0
+
+/system/bin/credmgrd u:object_r:credmgr_exec:s0
+
+# Taimport
+/data/etc(/.*) u:object_r:ta_data_file:s0
+
+#TA
+/dev/socket/secd_credmgr_sock u:object_r:secd_socket:s0
+/dev/socket/secd_devsec_sock u:object_r:secd_socket:s0
+/dev/socket/secd_ebl_sock u:object_r:secd_socket:s0
+/data/credmgr u:object_r:secd_data_file:s0
+/data/credmgr(/.*) u:object_r:secd_data_file:s0
diff --git a/sepolicy/idd.te b/sepolicy/idd.te
new file mode 100644
index 0000000..e9f6a0d
--- /dev/null
+++ b/sepolicy/idd.te
@@ -0,0 +1,13 @@
+type iddd, domain;
+
+type iddd_exec, exec_type, file_type;
+init_daemon_domain(iddd)
+
+allow iddd self:socket create_socket_perms;
+allow iddd iddd_file:fifo_file rw_file_perms;
+allow iddd iddd_file:file rw_file_perms;
+allow iddd iddd_file:dir rw_file_perms;
+
+type_transition iddd system_data_file:file iddd_file;
+
+type credmgr_exec, exec_type, file_type;