From 18a0f846e9b5f4e5c6592ca8d6c7bf768a8508eb Mon Sep 17 00:00:00 2001
From: RGIB
Date: Wed, 1 Jun 2016 17:02:15 +0200
Subject: kona : update selinux

Change-Id: I9705e3d989f74a2d3f0279e886a789b628ea0876
---
 samsung_symbols/symbols.cpp | 5 +++--
 selinux/at_distributor.te | 1 +
 selinux/geomagneticd.te | 5 +++--
 selinux/gpsd.te | 7 ++++++-
 selinux/servicemanager.te | 6 ++++++
 selinux/system_server.te | 3 ++-
 6 files changed, 21 insertions(+), 6 deletions(-)
 create mode 100644 selinux/servicemanager.te

diff --git a/samsung_symbols/symbols.cpp b/samsung_symbols/symbols.cpp
index e9eec01..9c81192 100644
--- a/samsung_symbols/symbols.cpp
+++ b/samsung_symbols/symbols.cpp
@@ -16,6 +16,7 @@
 #include
 #include
+#include "../upstream-dlmalloc/malloc.c"
 extern "C" int _ZN7android6Parcel13writeString16EPKDsj();
 extern "C" int _ZN7android6Parcel13writeString16EPKtj(){
@@ -43,7 +44,7 @@ extern "C" void *CRYPTO_malloc(int num, const char *file, int line){
 if (num <= 0)
 return NULL;
 else
- return malloc(num);
+ return dlmalloc(num);
 }
 extern "C" void RIL_register_socket();
@@ -62,4 +63,4 @@ extern "C" void SetClientData(char);
 extern "C" void SetClientData(char) {}
 extern "C" void Connect_RILD_Second();
-extern "C" void Connect_RILD_Second() {}
\ No newline at end of file
+extern "C" void Connect_RILD_Second() {}
diff --git a/selinux/at_distributor.te b/selinux/at_distributor.te
index 2a289ca..b700a33 100644
--- a/selinux/at_distributor.te
+++ b/selinux/at_distributor.te
@@ -24,3 +24,4 @@ allow at_distributor servicemanager:binder call;
 allow at_distributor shell_exec:file { read execute open };
 allow at_distributor system_file:file execute_no_trans;
 allow at_distributor zygote_exec:file { read getattr open execute execute_no_trans };
+allow at_distributor system_server:binder { transfer call };
diff --git a/selinux/geomagneticd.te b/selinux/geomagneticd.te
index de18064..755c68e 100644
--- a/selinux/geomagneticd.te
+++ b/selinux/geomagneticd.te
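Review bot: In samsung_symbols/symbols.cpp the `CRYPTO_malloc` shim now returns memory from `dlmalloc(num)`, but nothing visible in this patch pairs it with `dlfree`, so a caller that releases the buffer through the platform `free()` would hand a dlmalloc chunk to a different allocator and corrupt the heap. If the vendor library really depends on dlmalloc chunk layout, a comment above the function should record that, for example `// blob releases this via <release path>; must stay on the bundled dlmalloc`, and that release path should be verified. The first hunk brings the allocator in with `#include "../upstream-dlmalloc/malloc.c"`, which compiles an entire C source inside this C++ unit; building it as a separate object with only the required symbols visible would be easier to audit. The function's signature is visible only in the hunk header.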
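Review bot: The added `allow at_distributor system_server:binder { transfer call };` in selinux/at_distributor.te opens a binder path into system_server for a domain that, per the context lines, may also execute `shell_exec` and `zygote_exec`, and the patch gives no reason for the grant. A comment naming the service involved would let a reviewer judge whether it is needed, e.g. `# at_distributor calls <service> hosted in system_server`. The same applies to the reverse rule added in selinux/system_server.te, `allow system_server at_distributor:binder call;`. If both directions are intended, the pair could be written as `binder_call(at_distributor, system_server)` and `binder_call(system_server, at_distributor)`, bearing in mind that the macro also grants reply transfer and fd use, so it is slightly broader than the raw rules.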
@@ -10,7 +10,8 @@ allow geomagneticd gps_data_file:file { read getattr open };
 allow geomagneticd sysfs:file write;
 allow geomagneticd input_device:dir search;
 allow geomagneticd gps_data_file:dir { write remove_name add_name };
-allow geomagneticd gps_data_file:file { write rename create open setattr };
+allow geomagneticd gps_data_file:file { unlink write rename create open setattr };
 allow geomagneticd self:capability dac_override;
+allow geomagneticd self:capability fowner;
 # load SHIM libraries
-allow init geomagneticd:process noatsecure;
\ No newline at end of file
+allow init geomagneticd:process noatsecure;
diff --git a/selinux/gpsd.te b/selinux/gpsd.te
index 3022b98..c17b21e 100644
--- a/selinux/gpsd.te
+++ b/selinux/gpsd.te
@@ -3,5 +3,10 @@ domain_trans(init, rootfs, gpsd)
 allow gpsd rild:unix_stream_socket connectto;
 allow gpsd sysfs_wake_lock:file { read write open };
 allow gpsd gps_device:chr_file { read write ioctl open };
+allow gpsd servicemanager:binder call;
+allow gpsd cache_file:dir { write add_name };
+allow gpsd cache_file:fifo_file { unlink open create read getattr };
+allow gpsd cache_file:dir remove_name;
+allow gpsd system_server:binder call;
 # load SHIM libraries
-allow init gpsd:process noatsecure;
\ No newline at end of file
+allow init gpsd:process noatsecure;
diff --git a/selinux/servicemanager.te b/selinux/servicemanager.te
new file mode 100644
index 0000000..8d1d17e
--- /dev/null
+++ b/selinux/servicemanager.te
@@ -0,0 +1,6 @@
+allow servicemanager gpsd:dir search;
+allow servicemanager at_distributor:dir search;
+allow servicemanager at_distributor:file { read open };
+allow servicemanager at_distributor:process getattr;
+allow servicemanager gpsd:file { read open };
+allow servicemanager gpsd:process getattr;
diff --git a/selinux/system_server.te b/selinux/system_server.te
index 8f30fdc..cc0fbc4 100644
--- a/selinux/system_server.te
+++ b/selinux/system_server.te
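Review bot: In selinux/geomagneticd.te, `allow geomagneticd self:capability fowner;` adds a second DAC-bypass capability next to the existing `dac_override`, so the daemon can ignore file ownership on every object its type rules reach. The `unlink` added to `gps_data_file:file` in the same hunk, together with `setattr`, suggests the underlying problem is that these files are owned by another UID; system_server also holds `setattr` on `gps_data_file` in selinux/system_server.te. If that is the cause, setting owner and mode where the directory is created would remove the need for the capability. If the rule stays, it should carry a comment such as `# needed to chmod/unlink files created by <owner>`.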
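Review bot: The `cache_file:dir` rules added to selinux/gpsd.te give gpsd `write`, `add_name` and `remove_name` on every directory carrying the generic `cache_file` label, presumably the shared cache partition, only so it can manage one FIFO. A comment naming the FIFO path would make the intent reviewable, e.g. `# gpsd creates <fifo path> at startup`. Giving that FIFO its own type through a type transition would at least narrow the `fifo_file` rule to a single object. The two directory rules can also be merged into `allow gpsd cache_file:dir { write add_name remove_name };`.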
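Review bot: The new selinux/servicemanager.te carries no comment explaining why servicemanager needs to read gpsd and at_distributor. Because the targets are domain types, the `dir`/`file` rules most likely cover /proc/<pid> lookups of binder clients and appear to be taken from denial logs. A header line such as `# servicemanager inspects /proc/<pid> of gpsd and at_distributor during service lookup` would record that, with the wording confirmed against the actual denials. Grouping the three rules per target domain instead of interleaving them would also make the file easier to audit.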
@@ -3,4 +3,5 @@ allow system_server self:capability sys_module;
 allow system_server efs_file:dir search;
 allow system_server efs_file:file { read write open };
 allow system_server gps_data_file:file setattr;
-allow system_server gps_data_file:dir { search write add_name };
\ No newline at end of file
+allow system_server gps_data_file:dir { search write add_name };
+allow system_server at_distributor:binder call;
-- 
cgit v1.1