diff options
Diffstat (limited to 'sepolicy')
-rw-r--r-- | sepolicy/file.te | 7 | ||||
-rw-r--r-- | sepolicy/file_contexts | 16 | ||||
-rw-r--r-- | sepolicy/idd.te | 13 |
3 files changed, 36 insertions, 0 deletions
diff --git a/sepolicy/file.te b/sepolicy/file.te index 1fbdf98..3b612b6 100644 --- a/sepolicy/file.te +++ b/sepolicy/file.te @@ -1 +1,8 @@ type sysfs_vibrator, fs_type, sysfs_type; + +# TAD +type secd_socket, file_type; +type secd_data_file, file_type; + +# idd +type iddd_file, file_type, data_file_type; diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index ecc8452..7b54068 100644 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -10,3 +10,19 @@ # Hardware tunables /sys/devices/virtual/timed_output/vibrator/vtg_level -- u:object_r:sysfs_vibrator:s0 + +#iddd +/system/bin/iddd u:object_r:iddd_exec:s0 +/idd(/.*)? u:object_r:iddd_file:s0 + +/system/bin/credmgrd u:object_r:credmgr_exec:s0 + +# Taimport +/data/etc(/.*) u:object_r:ta_data_file:s0 + +#TA +/dev/socket/secd_credmgr_sock u:object_r:secd_socket:s0 +/dev/socket/secd_devsec_sock u:object_r:secd_socket:s0 +/dev/socket/secd_ebl_sock u:object_r:secd_socket:s0 +/data/credmgr u:object_r:secd_data_file:s0 +/data/credmgr(/.*) u:object_r:secd_data_file:s0 diff --git a/sepolicy/idd.te b/sepolicy/idd.te new file mode 100644 index 0000000..e9f6a0d --- /dev/null +++ b/sepolicy/idd.te @@ -0,0 +1,13 @@ +type iddd, domain; + +type iddd_exec, exec_type, file_type; +init_daemon_domain(iddd) + +allow iddd self:socket create_socket_perms; +allow iddd iddd_file:fifo_file rw_file_perms; +allow iddd iddd_file:file rw_file_perms; +allow iddd iddd_file:dir rw_file_perms; + +type_transition iddd system_data_file:file iddd_file; + +type credmgr_exec, exec_type, file_type; |