summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--target/board/generic/BoardConfig.mk3
-rw-r--r--target/board/generic/sepolicy/domain.te2
-rw-r--r--target/board/generic/sepolicy/surfaceflinger.te1
3 files changed, 6 insertions, 0 deletions
diff --git a/target/board/generic/BoardConfig.mk b/target/board/generic/BoardConfig.mk
index 3bd4f31..1db56db 100644
--- a/target/board/generic/BoardConfig.mk
+++ b/target/board/generic/BoardConfig.mk
@@ -52,3 +52,6 @@ BOARD_CACHEIMAGE_PARTITION_SIZE := 69206016
BOARD_CACHEIMAGE_FILE_SYSTEM_TYPE := ext4
BOARD_FLASH_BLOCK_SIZE := 512
TARGET_USERIMAGES_SPARSE_EXT_DISABLED := true
+
+BOARD_SEPOLICY_DIRS += build/target/board/generic/sepolicy
+BOARD_SEPOLICY_UNION += domain.te surfaceflinger.te
diff --git a/target/board/generic/sepolicy/domain.te b/target/board/generic/sepolicy/domain.te
new file mode 100644
index 0000000..f026100
--- /dev/null
+++ b/target/board/generic/sepolicy/domain.te
@@ -0,0 +1,2 @@
+# For /sys/qemu_trace files in the emulator.
+allow domain sysfs_writable:file rw_file_perms;
diff --git a/target/board/generic/sepolicy/surfaceflinger.te b/target/board/generic/sepolicy/surfaceflinger.te
new file mode 100644
index 0000000..9523630
--- /dev/null
+++ b/target/board/generic/sepolicy/surfaceflinger.te
@@ -0,0 +1 @@
+allow surfaceflinger self:process execmem;