diff options
| author | Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de> | 2015-12-17 21:10:59 +0100 |
|---|---|---|
| committer | Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de> | 2015-12-17 21:10:59 +0100 |
| commit | f55a720155c7d6d4b79e31fcb88be065bd668494 (patch) | |
| tree | 470a54bd6855ecc92da0afa47262614e5491f09b /sepolicy | |
| parent | 71a01dce178fb399e914fae82c0c9a9a8de1b120 (diff) | |
| parent | 322cc5ae59c6ab388c362d02f17d25725d42d048 (diff) | |
| download | vendor_replicant-f55a720155c7d6d4b79e31fcb88be065bd668494.zip vendor_replicant-f55a720155c7d6d4b79e31fcb88be065bd668494.tar.gz vendor_replicant-f55a720155c7d6d4b79e31fcb88be065bd668494.tar.bz2 | |
Merge remote-tracking branch 'cyanogenmod/cm-13.0' into replicant-6.0
Signed-off-by: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
Conflicts:
config/common.mk
Diffstat (limited to 'sepolicy')
| -rw-r--r-- | sepolicy/adbd.te | 1 | ||||
| -rw-r--r-- | sepolicy/file_contexts | 3 | ||||
| -rw-r--r-- | sepolicy/init.te | 4 | ||||
| -rw-r--r-- | sepolicy/mkfs.te | 9 | ||||
| -rw-r--r-- | sepolicy/property_contexts | 2 | ||||
| -rw-r--r-- | sepolicy/shell.te | 1 |
6 files changed, 17 insertions, 3 deletions
diff --git a/sepolicy/adbd.te b/sepolicy/adbd.te deleted file mode 100644 index 39a87aa..0000000 --- a/sepolicy/adbd.te +++ /dev/null @@ -1 +0,0 @@ -allow adbd adbtcp_prop:property_service set; diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index 7611478..e5ae776 100644 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -14,6 +14,9 @@ /system/etc/init.d/90userinit u:object_r:userinit_exec:s0 /data/local/userinit.sh u:object_r:userinit_data_exec:s0 +# For F2FS partitions marked "formattable" +/system/bin/mkfs\.f2fs u:object_r:mkfs_exec:s0 + # For minivold in recovery /sbin/minivold u:object_r:vold_exec:s0 diff --git a/sepolicy/init.te b/sepolicy/init.te new file mode 100644 index 0000000..447c720 --- /dev/null +++ b/sepolicy/init.te @@ -0,0 +1,4 @@ +# Allow formatting userdata or cache partitions +allow init block_device:dir search; +allow init userdata_block_device:blk_file rw_file_perms; +allow init cache_block_device:blk_file rw_file_perms; diff --git a/sepolicy/mkfs.te b/sepolicy/mkfs.te new file mode 100644 index 0000000..fe7c61b --- /dev/null +++ b/sepolicy/mkfs.te @@ -0,0 +1,9 @@ +type mkfs, domain; +type mkfs_exec, exec_type, file_type; + +init_daemon_domain(mkfs) + +# Allow formatting userdata or cache partitions +allow mkfs block_device:dir search; +allow mkfs userdata_block_device:blk_file rw_file_perms; +allow mkfs cache_block_device:blk_file rw_file_perms; diff --git a/sepolicy/property_contexts b/sepolicy/property_contexts index d6beeb2..ce5c71a 100644 --- a/sepolicy/property_contexts +++ b/sepolicy/property_contexts @@ -1,4 +1,4 @@ -service.adb.tcp.port u:object_r:adbtcp_prop:s0 +adb.network.port u:object_r:adbtcp_prop:s0 recovery.perf.mode u:object_r:recovery_prop:s0 adb.secure u:object_r:recovery_prop:s0 cm.userinit.active u:object_r:userinit_prop:s0 diff --git a/sepolicy/shell.te b/sepolicy/shell.te deleted file mode 100644 index 48b4777..0000000 --- a/sepolicy/shell.te +++ /dev/null @@ -1 +0,0 @@ -allow shell adbtcp_prop:property_service set; |