diff options
| author | Daniel Hillenbrand <codeworkx@cyanogenmod.org> | 2013-08-11 18:24:34 +0200 |
|---|---|---|
| committer | Daniel Hillenbrand <codeworkx@cyanogenmod.org> | 2013-08-11 18:24:34 +0200 |
| commit | 3245a49fdb8ec52ee331baf7f9226f3f8c772b9f (patch) | |
| tree | f471e14b1a8fed88d65af9c4e2dcf0c36e594277 | |
| parent | 2bcc02a461d87b50abca12bac8e400c3da4fa033 (diff) | |
| download | device_samsung_espresso3g-3245a49fdb8ec52ee331baf7f9226f3f8c772b9f.zip device_samsung_espresso3g-3245a49fdb8ec52ee331baf7f9226f3f8c772b9f.tar.gz device_samsung_espresso3g-3245a49fdb8ec52ee331baf7f9226f3f8c772b9f.tar.bz2 | |
p51xx: refine sepolicies
Change-Id: I76104fca535df81717c0a8b3878e59d86c602fb6
| -rw-r--r-- | BoardConfigCommon.mk | 3 | ||||
| -rwxr-xr-x | rootdir/init.espresso10.rc | 1 | ||||
| -rw-r--r-- | selinux/domain.te | 3 | ||||
| -rw-r--r-- | selinux/file_contexts | 3 | ||||
| -rw-r--r-- | selinux/wpa_supplicant.te | 2 |
5 files changed, 7 insertions, 5 deletions
diff --git a/BoardConfigCommon.mk b/BoardConfigCommon.mk index 559aea9..89903d7 100644 --- a/BoardConfigCommon.mk +++ b/BoardConfigCommon.mk @@ -99,7 +99,8 @@ BOARD_SEPOLICY_UNION := \ device.te \ domain.te \ pvrsrvinit.te \ - rild.te + rild.te \ + wpa_supplicant.te # Recovery TARGET_RECOVERY_INITRC := device/samsung/p5100/rootdir/recovery.rc diff --git a/rootdir/init.espresso10.rc b/rootdir/init.espresso10.rc index 900ec72..33c63d3 100755 --- a/rootdir/init.espresso10.rc +++ b/rootdir/init.espresso10.rc @@ -63,6 +63,7 @@ on fs restorecon /efs/FactoryApp/keystr restorecon /efs/FactoryApp/serial_no restorecon /efs/imei/mps_code.dat + restorecon /efs/wifi/.mac.info # pvr module insmod /system/lib/modules/pvrsrvkm_sgx540_120.ko diff --git a/selinux/domain.te b/selinux/domain.te index 7cf1def..ebb4d8b 100644 --- a/selinux/domain.te +++ b/selinux/domain.te @@ -1,8 +1,5 @@ ## Pvrsrvinit allow domain powervr_device:chr_file rw_file_perms; -## /dev/rfkill for wpa_supp -allow wpa rfkill_device:chr_file rw_file_perms; - ## Firmwares allow ueventd { firmware_ducati }:file r_file_perms; diff --git a/selinux/file_contexts b/selinux/file_contexts index a64887a..2c0d875 100644 --- a/selinux/file_contexts +++ b/selinux/file_contexts @@ -18,8 +18,9 @@ # GPS /dev/ttyO0 u:object_r:gps_device:s0 -# for wpa_supp +# Wifi /dev/rfkill u:object_r:rfkill_device:s0 +/efs/wifi/.mac.info u:object_r:wifi_data_file:s0 # System binaries /system/vendor/bin/pvrsrvinit u:object_r:pvrsrvinit_exec:s0 diff --git a/selinux/wpa_supplicant.te b/selinux/wpa_supplicant.te new file mode 100644 index 0000000..f93d624 --- /dev/null +++ b/selinux/wpa_supplicant.te @@ -0,0 +1,2 @@ +allow wpa_socket wifi_data_file:sock_file unlink; +allow wpa rfkill_device:chr_file rw_file_perms; |