diff options
author | Nick Kralevich <nnk@google.com> | 2014-03-18 15:17:35 -0700 |
---|---|---|
committer | Nick Kralevich <nnk@google.com> | 2014-03-18 15:17:35 -0700 |
commit | b20966f803e18c4cfbeb46af784fc2a553dd21b2 (patch) | |
tree | 4a88fc55ba79fcd1d965405e2be26e83b372b4f6 /target/board/generic | |
parent | 1cda15d3234a502ba7332b56a7bbecca228731cf (diff) | |
download | build-b20966f803e18c4cfbeb46af784fc2a553dd21b2.zip build-b20966f803e18c4cfbeb46af784fc2a553dd21b2.tar.gz build-b20966f803e18c4cfbeb46af784fc2a553dd21b2.tar.bz2 |
Allow shell serial_device read-write access
When starting the emulator, the system console writes entries
to /dev/ttyS2. We need to allow the writes, otherwise this generates
denials when you run "emulator -verbose -logcat '*:v' -show-kernel"
Addresses the following denial:
type=1400 audit(1395076594.320:446): avc: denied { read write } for pid=5600 comm="sh" path="/dev/ttyS2" dev="tmpfs" ino=1487 scontext=u:r:shell:s0 tcontext=u:object_r:serial_device:s0 tclass=chr_file
Bug: 13506702
Change-Id: I3729537cabb0bf8e8b2905d3def43a293bb1081f
Diffstat (limited to 'target/board/generic')
-rw-r--r-- | target/board/generic/BoardConfig.mk | 1 | ||||
-rw-r--r-- | target/board/generic/sepolicy/shell.te | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/target/board/generic/BoardConfig.mk b/target/board/generic/BoardConfig.mk index 53a5512..c672be8 100644 --- a/target/board/generic/BoardConfig.mk +++ b/target/board/generic/BoardConfig.mk @@ -86,5 +86,6 @@ BOARD_SEPOLICY_UNION += \ mediaserver.te \ qemud.te \ rild.te \ + shell.te \ surfaceflinger.te \ system_server.te diff --git a/target/board/generic/sepolicy/shell.te b/target/board/generic/sepolicy/shell.te new file mode 100644 index 0000000..b246d7e --- /dev/null +++ b/target/board/generic/sepolicy/shell.te @@ -0,0 +1 @@ +allow shell serial_device:chr_file rw_file_perms; |