wayne-common: Address denials for P

Signed-off-by: Isaac Chen <tingyi364@gmail.com> Change-Id: I6759914e91c1cc437304d74328e970daeb3d25e3
author: Isaac Chen <tingyi364@gmail.com> 2019-07-24 06:04:32 +0200
committer: Isaac Chen <tingyi364@gmail.com> 2019-09-01 16:44:11 +0200
commit: 915e5bfa31e8f1f725e9e3461370c8535017d2e8 (patch)
tree: eecdd755c743e62069dba2b46622ab8813650fa0 /sepolicy/tee.te
parent: eb15173eee7fe3a19fea03da5c06cba1cdb091ad (diff)
1 files changed, 6 insertions, 6 deletions
diff --git a/sepolicy/tee.te b/sepolicy/tee.te
index 85c98a8..0a124bc 100644
--- a/sepolicy/tee.te
+++ b/sepolicy/tee.te
@@ -1,6 +1,6 @@
-# /data/goodix labeling
-type_transition tee system_data_file:{ dir file } fingerprint_data_file;
-
-allow tee fingerprint_data_file:dir create_dir_perms;
-allow tee fingerprint_data_file:file create_file_perms;
-allow tee system_data_file:dir create_dir_perms;
+# TODO(b/36644492): Remove data_between_core_and_vendor_violators once
+# tee no longer directly accesses /data owned by the frameworks.
+typeattribute tee data_between_core_and_vendor_violators;
+allow tee system_data_file:dir r_dir_perms;
+allow tee fingerprintd_data_file:dir rw_dir_perms;
+allow tee fingerprintd_data_file:file create_file_perms;
author	Isaac Chen <tingyi364@gmail.com>	2019-07-24 06:04:32 +0200
committer	Isaac Chen <tingyi364@gmail.com>	2019-09-01 16:44:11 +0200
commit	915e5bfa31e8f1f725e9e3461370c8535017d2e8 (patch)
tree	eecdd755c743e62069dba2b46622ab8813650fa0 /sepolicy/tee.te
parent	eb15173eee7fe3a19fea03da5c06cba1cdb091ad (diff)