From 3977f65b1374e3365f69695771afe886165564d6 Mon Sep 17 00:00:00 2001
From: Luden <luden@ghostmail.com>
Date: Thu, 17 Mar 2016 20:19:12 +0000
Subject: Implemented SELinux rules for tuna.

Change-Id: I0c82e620532cf968341cc8c5d268aa0788ebb94f
---
 sepolicy/file_contexts | 30 +++++++++++++++++++++++++-----
 1 file changed, 25 insertions(+), 5 deletions(-)

(limited to 'sepolicy/file_contexts')

diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 17417ec..35c90c9 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -1,8 +1,6 @@
 #rild
-/data/radio/nv_data.bin.*       u:object_r:radio_data_file:s0
-/dev/block/mmcblk0p4            u:object_r:radio_device:s0
-/dev/block/mmcblk0p9            u:object_r:radio_device:s0
-/dev/block/platform/omap/omap_hsmmc.0/by-name/radio     u:object_r:radio_device:s0
+/data/radio(/.*)?		u:object_r:radio_data_file:s0
+/data/misc/radio(/.*)?		u:object_r:radio_data_file:s0
 /dev/an30259a_leds              u:object_r:video_device:s0
 /dev/cdma_.*                    u:object_r:radio_device:s0
 /dev/lte_.*                     u:object_r:radio_device:s0
@@ -18,7 +16,8 @@
 /dev/i2c-2			u:object_r:camera_device:s0
 /factory(/.*)?                  u:object_r:efs_file:s0
 /factory/bluetooth(/.*)?        u:object_r:bluetooth_efs_file:s0
-/factory/nv_data.bin.*          u:object_r:radio_data_file:s0
+/factory/nv_data.bin.*          u:object_r:radio_efs_file:s0
+
 #nfc
 /dev/ttyO3     u:object_r:nfc_device:s0
 
@@ -34,3 +33,24 @@
 
 # System binaries
 /system/bin/dumpdcc		u:object_r:dumpdcc_exec:s0
+
+# TEE / SMC
+/tee/smc(/.*)?						u:object_r:tee_file:s0
+/dev/tf_ctrl						u:object_r:tee_device:s0
+/system/vendor/bin/tee-fs-setup.sh			u:object_r:recovery_exec:s0
+/system/bin/smc_pa_ctrl					u:object_r:smc_pa_ctrl_exec:s0
+
+# Generic setup
+/system/bin/setup_fs					u:object_r:fs_setup_exec:s0
+
+# Block devices
+/dev/block/mmcblk0					u:object_r:root_block_device:s0
+/dev/block/platform/omap/omap_hsmmc.0/by-name/boot	u:object_r:boot_block_device:s0
+/dev/block/platform/omap/omap_hsmmc.0/by-name/recovery	u:object_r:recovery_block_device:s0
+/dev/block/platform/omap/omap_hsmmc.0/by-name/cache	u:object_r:cache_block_device:s0
+/dev/block/platform/omap/omap_hsmmc.0/by-name/system	u:object_r:system_block_device:s0
+/dev/block/platform/omap/omap_hsmmc.0/by-name/userdata	u:object_r:userdata_block_device:s0
+/dev/block/platform/omap/omap_hsmmc.0/by-name/param	u:object_r:radio_device:s0
+/dev/block/platform/omap/omap_hsmmc.0/by-name/radio	u:object_r:radio_device:s0
+/dev/block/platform/omap/omap_hsmmc.0/by-name/dgs	u:object_r:tee_block_device:s0
+/dev/block/platform/omap/omap_hsmmc.0/by-name/efs	u:object_r:efs_block_device:s0
-- 
cgit v1.1