summaryrefslogtreecommitdiffstats
path: root/target/board/generic
diff options
context:
space:
mode:
authorNick Kralevich <nnk@google.com>2014-03-18 15:17:35 -0700
committerNick Kralevich <nnk@google.com>2014-03-18 15:17:35 -0700
commitb20966f803e18c4cfbeb46af784fc2a553dd21b2 (patch)
tree4a88fc55ba79fcd1d965405e2be26e83b372b4f6 /target/board/generic
parent1cda15d3234a502ba7332b56a7bbecca228731cf (diff)
downloadbuild-b20966f803e18c4cfbeb46af784fc2a553dd21b2.zip
build-b20966f803e18c4cfbeb46af784fc2a553dd21b2.tar.gz
build-b20966f803e18c4cfbeb46af784fc2a553dd21b2.tar.bz2
Allow shell serial_device read-write access
When starting the emulator, the system console writes entries to /dev/ttyS2. We need to allow the writes, otherwise this generates denials when you run "emulator -verbose -logcat '*:v' -show-kernel" Addresses the following denial: type=1400 audit(1395076594.320:446): avc: denied { read write } for pid=5600 comm="sh" path="/dev/ttyS2" dev="tmpfs" ino=1487 scontext=u:r:shell:s0 tcontext=u:object_r:serial_device:s0 tclass=chr_file Bug: 13506702 Change-Id: I3729537cabb0bf8e8b2905d3def43a293bb1081f
Diffstat (limited to 'target/board/generic')
-rw-r--r--target/board/generic/BoardConfig.mk1
-rw-r--r--target/board/generic/sepolicy/shell.te1
2 files changed, 2 insertions, 0 deletions
diff --git a/target/board/generic/BoardConfig.mk b/target/board/generic/BoardConfig.mk
index 53a5512..c672be8 100644
--- a/target/board/generic/BoardConfig.mk
+++ b/target/board/generic/BoardConfig.mk
@@ -86,5 +86,6 @@ BOARD_SEPOLICY_UNION += \
mediaserver.te \
qemud.te \
rild.te \
+ shell.te \
surfaceflinger.te \
system_server.te
diff --git a/target/board/generic/sepolicy/shell.te b/target/board/generic/sepolicy/shell.te
new file mode 100644
index 0000000..b246d7e
--- /dev/null
+++ b/target/board/generic/sepolicy/shell.te
@@ -0,0 +1 @@
+allow shell serial_device:chr_file rw_file_perms;