From 53789b340ccf8ed0208306067c4a55a72a898246 Mon Sep 17 00:00:00 2001
From: Caio Schnepper <caioschnepper@gmail.com>
Date: Thu, 12 Nov 2015 19:12:06 -0200
Subject: galaxys2-common: Marshmallow SELinux support

This was made from scratch, for a general cleanup of unused policies
and update to M guidelines

Change-Id: Id4acda2b384d28b5ca51b3ef0f6e93b648c8e79d
---
 selinux/rild.te | 22 +++++-----------------
 1 file changed, 5 insertions(+), 17 deletions(-)

(limited to 'selinux/rild.te')

diff --git a/selinux/rild.te b/selinux/rild.te
index 3c8040a..5b24906 100644
--- a/selinux/rild.te
+++ b/selinux/rild.te
@@ -1,17 +1,5 @@
-allow rild self:netlink_socket { create bind read write };
-allow rild self:netlink_route_socket { write };
-allow rild self:netlink_kobject_uevent_socket { create bind read write };
-allow rild self:process execmem;
-
-allow rild radio_device:chr_file rw_file_perms;
-allow rild efs_block_device:blk_file rw_file_perms;
-allow rild efs_file:file { read open write setattr };
-allow rild radio_data_file:dir setattr;
-allow rild block_device:dir search;
-allow rild efs_device_file:dir { search write };
-allow rild efs_device_file:file { read write append getattr open setattr };
-allow rild system_data_file:dir { write add_name };
-allow rild system_data_file:file { write create setattr };
-
-allow rild dumpstate_exec:file { read open getattr execute };
-unix_socket_connect(rild, dumpstate, dumpstate)
+allow rild radio_data:dir { search write remove_name getattr add_name setattr };
+allow rild radio_data:file { write getattr setattr read create unlink open };
+allow rild system_file:file execmod;
+allow rild efs_block_device:blk_file read;
+allow rild efs_device_file:dir search;
-- 
cgit v1.1