summaryrefslogtreecommitdiffstats
path: root/sepolicy
diff options
context:
space:
mode:
authorPat Erley <perley@cyngn.com>2016-02-09 10:43:31 -0800
committerWolfgang Wiedmeyer <wolfgit@wiedmeyer.de>2016-02-16 14:49:04 +0100
commit18037e74624d31e87a478afa5584bb6dc7c89e82 (patch)
tree6719f089d8f34f67d83fe731e5dded10f9a3875a /sepolicy
parent6d31d282c0935c32321f45527e6adf02a4a9a1fb (diff)
downloadvendor_replicant-18037e74624d31e87a478afa5584bb6dc7c89e82.zip
vendor_replicant-18037e74624d31e87a478afa5584bb6dc7c89e82.tar.gz
vendor_replicant-18037e74624d31e87a478afa5584bb6dc7c89e82.tar.bz2
sepolicy: Allow system server and uncrypt access pipe
System server needs to be able to create a pipe in the cache partition for uncrypting OTAs. Uncrypt needs to be able to read and write the pipe. Change-Id: Ie03ee7d637eaecff8fe38bf03dc733b3915cd336
Diffstat (limited to 'sepolicy')
-rw-r--r--sepolicy/system_server.te1
-rw-r--r--sepolicy/uncrypt.te1
2 files changed, 2 insertions, 0 deletions
diff --git a/sepolicy/system_server.te b/sepolicy/system_server.te
index a9000b6..6aaf50c 100644
--- a/sepolicy/system_server.te
+++ b/sepolicy/system_server.te
@@ -1,5 +1,6 @@
allow system_server recovery_cache_file:dir rw_dir_perms;
allow system_server recovery_cache_file:file create_file_perms;
+allow system_server recovery_cache_file:fifo_file create_file_perms;
# Persistent properties
allow system_server persist_property_file:dir rw_dir_perms;
diff --git a/sepolicy/uncrypt.te b/sepolicy/uncrypt.te
index 2e545a7..978f9e1 100644
--- a/sepolicy/uncrypt.te
+++ b/sepolicy/uncrypt.te
@@ -1,3 +1,4 @@
r_dir_file(uncrypt, media_rw_data_file)
allow uncrypt recovery_cache_file:dir create_dir_perms;
allow uncrypt recovery_cache_file:file create_file_perms;
+allow uncrypt recovery_cache_file:fifo_file rw_file_perms;