summaryrefslogtreecommitdiffstats
path: root/sepolicy
diff options
context:
space:
mode:
authorPat Erley <perley@cyngn.com>2016-02-09 10:43:31 -0800
committerGerrit Code Review <gerrit@cyanogenmod.org>2016-02-09 13:24:46 -0800
commit15697319cacf8faed9365312fd0d1093ec234410 (patch)
tree50b53a2af34f1554baeee82a0d60a6f98a228928 /sepolicy
parentf84ce1b73884cd36d663bd1cb5c4ba2419e2ef9d (diff)
downloadvendor_replicant-15697319cacf8faed9365312fd0d1093ec234410.zip
vendor_replicant-15697319cacf8faed9365312fd0d1093ec234410.tar.gz
vendor_replicant-15697319cacf8faed9365312fd0d1093ec234410.tar.bz2
sepolicy: Allow system server and uncrypt access pipe
System server needs to be able to create a pipe in the cache partition for uncrypting OTAs. Uncrypt needs to be able to read and write the pipe. Change-Id: Ie03ee7d637eaecff8fe38bf03dc733b3915cd336
Diffstat (limited to 'sepolicy')
-rw-r--r--sepolicy/system_server.te1
-rw-r--r--sepolicy/uncrypt.te1
2 files changed, 2 insertions, 0 deletions
diff --git a/sepolicy/system_server.te b/sepolicy/system_server.te
index a9000b6..6aaf50c 100644
--- a/sepolicy/system_server.te
+++ b/sepolicy/system_server.te
@@ -1,5 +1,6 @@
allow system_server recovery_cache_file:dir rw_dir_perms;
allow system_server recovery_cache_file:file create_file_perms;
+allow system_server recovery_cache_file:fifo_file create_file_perms;
# Persistent properties
allow system_server persist_property_file:dir rw_dir_perms;
diff --git a/sepolicy/uncrypt.te b/sepolicy/uncrypt.te
index 2e545a7..978f9e1 100644
--- a/sepolicy/uncrypt.te
+++ b/sepolicy/uncrypt.te
@@ -1,3 +1,4 @@
r_dir_file(uncrypt, media_rw_data_file)
allow uncrypt recovery_cache_file:dir create_dir_perms;
allow uncrypt recovery_cache_file:file create_file_perms;
+allow uncrypt recovery_cache_file:fifo_file rw_file_perms;