From d4812dbf603b925926c6771896e4da7aef0c5979 Mon Sep 17 00:00:00 2001
From: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
Date: Thu, 23 Feb 2017 13:33:38 +0100
Subject: selinux: allow surfaceflinger access to s5p-smem

Signed-off-by: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
---
 selinux/device.te         | 1 +
 selinux/file_contexts     | 1 +
 selinux/surfaceflinger.te | 1 +
 3 files changed, 3 insertions(+)

diff --git a/selinux/device.te b/selinux/device.te
index 5ab8206..e59f9eb 100644
--- a/selinux/device.te
+++ b/selinux/device.te
@@ -3,3 +3,4 @@ type efs_block_device, dev_type;
 type hpd_device, dev_type;
 type mfc_device, dev_type;
 type radio_block_device, dev_type;
+type secmem_device, dev_type;
\ No newline at end of file
diff --git a/selinux/file_contexts b/selinux/file_contexts
index 275f005..68a3333 100644
--- a/selinux/file_contexts
+++ b/selinux/file_contexts
@@ -2,6 +2,7 @@
 /dev/mali                               u:object_r:gpu_device:s0
 /dev/ump                                u:object_r:gpu_device:s0
 /dev/fimg2d                             u:object_r:gpu_device:s0
+/dev/s5p-smem                           u:object_r:secmem_device:s0
 
 # RIL
 /dev/link_pm                            u:object_r:radio_device:s0
diff --git a/selinux/surfaceflinger.te b/selinux/surfaceflinger.te
index 00fa1e9..a23d359 100644
--- a/selinux/surfaceflinger.te
+++ b/selinux/surfaceflinger.te
@@ -1 +1,2 @@
 allow surfaceflinger hpd_device:chr_file rw_file_perms;
+allow surfaceflinger secmem_device:chr_file rw_file_perms;
-- 
cgit v1.1