diff options
Diffstat (limited to 'sepolicy/workarounds.te')
| -rw-r--r-- | sepolicy/workarounds.te | 17 |
1 files changed, 8 insertions, 9 deletions
diff --git a/sepolicy/workarounds.te b/sepolicy/workarounds.te index b026b37..7b0b6ab 100644 --- a/sepolicy/workarounds.te +++ b/sepolicy/workarounds.te @@ -11,11 +11,9 @@ allow qti_init_shell tad:unix_stream_socket connectto; allow qti_init_shell tad_socket:sock_file write; allow qti_init_shell toolbox_exec:file entrypoint; - #============= mm-qcamerad ============== allow mm-qcamerad camera_device:chr_file { ioctl open read write }; -allow mm-qcamerad ta_data_file:dir { getattr open read }; - +allow mm-qcamerad ta_data_file:dir { getattr open read search }; #============= thermanager ============== allow thermanager sysfs:file { open read }; @@ -23,15 +21,16 @@ allow thermanager sysfs_battery_supply:dir search; allow thermanager sysfs_battery_supply:file { open read write }; #============= scd ============== -allow scd scd_data:dir getattr; +allow scd scd_data:dir { getattr search }; allow scd scd_data:file { getattr open read write }; -allow scd socket_device:dir { add_name write }; -allow scd socket_device:sock_file { create setattr }; +allow scd socket_device:dir { add_name remove_name write }; +allow scd socket_device:sock_file { create getattr setattr unlink write }; allow scd sysfs:file { getattr open read }; #============= wv ============== allow wv ion_device:chr_file { ioctl open read }; allow wv suntrold:unix_stream_socket connectto; +allow wv suntrold_sock_socket:dir search; allow wv suntrold_sock_socket:sock_file write; allow wv tad:unix_stream_socket connectto; allow wv tad_socket:sock_file write; @@ -39,11 +38,11 @@ allow wv tee_device:chr_file { ioctl open read write }; #============= mediaserver ============== allow mediaserver sensorservice_service:service_manager find; +allow mediaserver sysfs:file write; +allow mediaserver sysfs_battery_supply:dir search; +allow mediaserver sysfs_battery_supply:file { getattr open read }; allow mediaserver ta_data_file:dir { getattr open read }; #============= rmt_storage ============== allow rmt_storage self:capability dac_override; -#============= scd ============== -allow scd socket_device:sock_file write; - |