diff options
| author | Pat Erley <perley@cyngn.com> | 2016-02-09 10:43:31 -0800 |
|---|---|---|
| committer | Gerrit Code Review <gerrit@cyanogenmod.org> | 2016-02-09 13:24:46 -0800 |
| commit | 15697319cacf8faed9365312fd0d1093ec234410 (patch) | |
| tree | 50b53a2af34f1554baeee82a0d60a6f98a228928 /sepolicy | |
| parent | f84ce1b73884cd36d663bd1cb5c4ba2419e2ef9d (diff) | |
| download | vendor_replicant-15697319cacf8faed9365312fd0d1093ec234410.zip vendor_replicant-15697319cacf8faed9365312fd0d1093ec234410.tar.gz vendor_replicant-15697319cacf8faed9365312fd0d1093ec234410.tar.bz2 | |
sepolicy: Allow system server and uncrypt access pipe
System server needs to be able to create a pipe in the cache partition
for uncrypting OTAs. Uncrypt needs to be able to read and write the
pipe.
Change-Id: Ie03ee7d637eaecff8fe38bf03dc733b3915cd336
Diffstat (limited to 'sepolicy')
| -rw-r--r-- | sepolicy/system_server.te | 1 | ||||
| -rw-r--r-- | sepolicy/uncrypt.te | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/sepolicy/system_server.te b/sepolicy/system_server.te index a9000b6..6aaf50c 100644 --- a/sepolicy/system_server.te +++ b/sepolicy/system_server.te @@ -1,5 +1,6 @@ allow system_server recovery_cache_file:dir rw_dir_perms; allow system_server recovery_cache_file:file create_file_perms; +allow system_server recovery_cache_file:fifo_file create_file_perms; # Persistent properties allow system_server persist_property_file:dir rw_dir_perms; diff --git a/sepolicy/uncrypt.te b/sepolicy/uncrypt.te index 2e545a7..978f9e1 100644 --- a/sepolicy/uncrypt.te +++ b/sepolicy/uncrypt.te @@ -1,3 +1,4 @@ r_dir_file(uncrypt, media_rw_data_file) allow uncrypt recovery_cache_file:dir create_dir_perms; allow uncrypt recovery_cache_file:file create_file_perms; +allow uncrypt recovery_cache_file:fifo_file rw_file_perms; |