From 3977f65b1374e3365f69695771afe886165564d6 Mon Sep 17 00:00:00 2001
From: Luden <luden@ghostmail.com>
Date: Thu, 17 Mar 2016 20:19:12 +0000
Subject: Implemented SELinux rules for tuna.

Change-Id: I0c82e620532cf968341cc8c5d268aa0788ebb94f
---
 sepolicy/rild.te | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

(limited to 'sepolicy/rild.te')

diff --git a/sepolicy/rild.te b/sepolicy/rild.te
index 67a21b6..b6013f0 100644
--- a/sepolicy/rild.te
+++ b/sepolicy/rild.te
@@ -1,4 +1,15 @@
 # rild
-allow rild radio_data_file:dir { r_dir_perms setattr };
+
+# Needed for /data/radio/*, /data/misc/radio/* and /factory/*
+allow rild { radio_data_file radio_efs_file }:dir { rw_dir_perms setattr };
+allow rild { radio_data_file radio_efs_file }:file rw_file_perms;
+
 allow rild self:process execmem;
-allow rild block_device:dir search;
+allow rild block_device:dir { search };
+
+# Needed for /system/vendor/lib/libsec-ril.so
+allow rild system_file:file { execute execmod };
+
+# Have no idea why rild needs access to logcat,
+# potentially to catch errors from some other components?
+allow rild logcat_exec:file { getattr read open execute execute_no_trans };
-- 
cgit v1.1