diff options
author | Trulan Martin <trulanm@gmail.com> | 2016-07-10 08:00:03 -0400 |
---|---|---|
committer | Dániel Járai <jaraidaniel@gmail.com> | 2016-07-20 10:29:16 -0700 |
commit | 6a6555ae303513bdaffd47bd8611654a35e9dffc (patch) | |
tree | 88f951e227191ac5138019fd3da4b77528f545db /sepolicy | |
parent | aedd90bf67c7da7b91442fc0942fe13743ee1509 (diff) | |
download | device_samsung_tuna-6a6555ae303513bdaffd47bd8611654a35e9dffc.zip device_samsung_tuna-6a6555ae303513bdaffd47bd8611654a35e9dffc.tar.gz device_samsung_tuna-6a6555ae303513bdaffd47bd8611654a35e9dffc.tar.bz2 |
sepolicy: add ioctl rules for rild
This fixes SELinux denials caused by restrictions to
unix_stream_socket. Some of the rild ioctl commands may be
device-specific, for toro or toroplus only. These could be
moved into their respective device trees in the future.
Change-Id: I82fdf498f068cc5462bd03e0da298819485d5f4c
Diffstat (limited to 'sepolicy')
-rw-r--r-- | sepolicy/rild.te | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/sepolicy/rild.te b/sepolicy/rild.te index b6013f0..0530e95 100644 --- a/sepolicy/rild.te +++ b/sepolicy/rild.te @@ -13,3 +13,13 @@ allow rild system_file:file { execute execmod }; # Have no idea why rild needs access to logcat, # potentially to catch errors from some other components? allow rild logcat_exec:file { getattr read open execute execute_no_trans }; + +## Allow ioctl commands used by rild +# These are needed for toro's ril. toroplus may not need 0x89a2, but needs the +# other three. maguro may or may not need these. +# Device-specific calls could be moved into their respective device trees +# in the future. +allow rild self:unix_stream_socket 0x89a0; +allow rild self:unix_stream_socket 0x89a2; +allow rild self:unix_stream_socket 0x89a3; +allow rild self:unix_stream_socket 0x89f0; |