diff options
| -rw-r--r-- | selinux/file.te | 1 | ||||
| -rw-r--r-- | selinux/file_contexts | 7 | ||||
| -rw-r--r-- | selinux/mediaserver.te | 5 | ||||
| -rw-r--r-- | selinux/system.te | 1 | ||||
| -rw-r--r-- | selinux/ueventd.te | 5 |
5 files changed, 17 insertions, 2 deletions
diff --git a/selinux/file.te b/selinux/file.te index 9d1d823..facc492 100644 --- a/selinux/file.te +++ b/selinux/file.te @@ -2,3 +2,4 @@ type firmware_mfc, file_type; type firmware_camera, file_type; type sensors_data_file, file_type, data_file_type; +type volume_data_file, file_type, data_file_type; diff --git a/selinux/file_contexts b/selinux/file_contexts index 9713bce..85bda40 100644 --- a/selinux/file_contexts +++ b/selinux/file_contexts @@ -5,10 +5,12 @@ # RIL /dev/umts_boot0 u:object_r:radio_device:s0 -/dev/umts_boot1 u:object_r:radio_device:s0 +/dev/umts_csd u:object_r:radio_device:s0 /dev/umts_ipc0 u:object_r:radio_device:s0 +/dev/umts_loopback0 u:object_r:radio_device:s0 /dev/umts_ramdump0 u:object_r:radio_device:s0 /dev/umts_rfs0 u:object_r:radio_device:s0 +/dev/umts_router u:object_r:radio_device:s0 /dev/block/mmcblk0p10 u:object_r:efs_block_device:s0 @@ -35,3 +37,6 @@ /system/vendor/firmware(/.*)? u:object_r:firmware_camera:s0 /system/vendor/firmware/mfc_fw.bin u:object_r:firmware_mfc:s0 /data/cfw(/.*)? u:object_r:firmware_camera:s0 + +# Vibrator +/dev/tspdrv u:object_r:input_device:s0 diff --git a/selinux/mediaserver.te b/selinux/mediaserver.te index 520da3a..7cc911c 100644 --- a/selinux/mediaserver.te +++ b/selinux/mediaserver.te @@ -1,3 +1,8 @@ allow mediaserver { firmware_camera }:file r_file_perms; allow mediaserver firmware_camera:dir r_dir_perms; allow mediaserver camera_data_file:file rw_file_perms; +allow mediaserver volume_data_file:file create_file_perms; +allow mediaserver volume_data_file:dir create_dir_perms; + +# Bluetooth audio +allow mediaserver bluetooth:unix_stream_socket { connectto }; diff --git a/selinux/system.te b/selinux/system.te index 395aeea..df7b6fc 100644 --- a/selinux/system.te +++ b/selinux/system.te @@ -2,6 +2,7 @@ allow system input_device:chr_file { read ioctl write open }; allow system sensors_device:chr_file { read open }; allow system sensors_data_file:file r_file_perms; allow system wpa_socket:unix_dgram_socket sendto; +allow system_app volume_data_file:file { read write open getattr }; allow system sysfs:file { read open write }; allow system self:capability { sys_module }; diff --git a/selinux/ueventd.te b/selinux/ueventd.te index 4037e57..1ed58dc 100644 --- a/selinux/ueventd.te +++ b/selinux/ueventd.te @@ -1,3 +1,6 @@ -# Firmwares +# MFC firmware allow ueventd { firmware_mfc }:file r_file_perms; + +# Camera related firmwares allow ueventd { firmware_camera }:dir search; +allow ueventd { firmware_camera }:file r_file_perms; |