diff options
author | Praneeth Bajjuri <praneeth@ti.com> | 2017-04-19 18:04:10 -0500 |
---|---|---|
committer | Praneeth Bajjuri <praneeth@ti.com> | 2017-04-19 18:04:10 -0500 |
commit | e1a1c8a7e6d17b5e69e0ab62fb795eb045ae3fea (patch) | |
tree | fa16e2d4fab3e2997ac58a9d8f84ed0168e57622 | |
parent | 8b2ce8c00c636f95c37a96eb0ee989e181bf7613 (diff) | |
download | am57xevm-d-nougat-mr2-release.tar.gz |
am57xevm: sepolicy: temp: remove unapplicable selinux changesd-nougat-mr2-release
temp fix: need to be investigate and apply correct policy changes
later.
Signed-off-by: Praneeth Bajjuri <praneeth@ti.com>
-rw-r--r-- | sepolicy/device.te | 2 | ||||
-rw-r--r-- | sepolicy/file_contexts | 10 | ||||
-rw-r--r-- | sepolicy/init.te | 1 | ||||
-rw-r--r-- | sepolicy/lad_dra7xx.te | 4 | ||||
-rw-r--r-- | sepolicy/mediaserver.te | 8 | ||||
-rw-r--r-- | sepolicy/netd.te | 4 |
6 files changed, 1 insertions, 28 deletions
diff --git a/sepolicy/device.te b/sepolicy/device.te index db470f0..9af3309 100644 --- a/sepolicy/device.te +++ b/sepolicy/device.te @@ -2,5 +2,3 @@ type bluetooth_control, dev_type; type rtc, dev_type; type hwspinlock_dev, dev_type; type uio_dev, dev_type; -type cmem_dev, dev_type; -type i2c_dev, dev_type; diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index 8dc4639..5326cef 100644 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -25,20 +25,10 @@ #cpuset script /system/bin/init.am57xevmboard.cpuset.sh u:object_r:init-cpuset-sh_exec:s0 -#lad_dra7xx -/system/bin/lad_dra7xx u:object_r:lad_dra7xx_exec:s0 -/data/lad(/.*)? u:object_r:lad_data_file:s0 - #hwspinlock and uio /dev/hwspinlock u:object_r:hwspinlock_dev:s0 /dev/uio0 u:object_r:uio_dev:s0 -#I2C -/dev/i2c-[0-9]+ u:object_r:i2c_dev:s0 - -#CMEM -/dev/cmem u:object_r:cmem_dev:s0 - #Block devices /dev/block/platform/44000000.ocp/480b4000.mmc/by-name/system u:object_r:system_block_device:s0 /dev/block/platform/44000000.ocp/480b4000.mmc/by-name/recovery u:object_r:recovery_block_device:s0 diff --git a/sepolicy/init.te b/sepolicy/init.te index abe3314..2005668 100644 --- a/sepolicy/init.te +++ b/sepolicy/init.te @@ -5,3 +5,4 @@ allow init tmpfs:lnk_file create_file_perms; # Allow module insertion allow init system_file:system module_load; + diff --git a/sepolicy/lad_dra7xx.te b/sepolicy/lad_dra7xx.te index ff95009..a5ea3a4 100644 --- a/sepolicy/lad_dra7xx.te +++ b/sepolicy/lad_dra7xx.te @@ -15,7 +15,3 @@ allow lad_dra7xx self:socket { create_socket_perms }; allow lad_dra7xx hwspinlock_dev:chr_file { rw_file_perms }; allow lad_dra7xx uio_dev:chr_file { rw_file_perms }; allow lad_dra7xx sysfs:file { r_file_perms }; - -# Allow signull operation from known client processes -allow lad_dra7xx mediaserver:process signull; -allow lad_dra7xx vis:process signull; diff --git a/sepolicy/mediaserver.te b/sepolicy/mediaserver.te index 9e69353..2e9e366 100644 --- a/sepolicy/mediaserver.te +++ b/sepolicy/mediaserver.te @@ -2,11 +2,3 @@ allow mediaserver system_server:unix_stream_socket { read write }; #Camera allow mediaserver device:dir { read open }; - -#APPE -allow mediaserver lad_data_file:fifo_file { create_file_perms }; -allow mediaserver hwspinlock_dev:chr_file { rw_file_perms }; -allow mediaserver cmem_dev:chr_file { rw_file_perms }; -allow mediaserver self:socket { create_socket_perms }; -allow mediaserver self:tcp_socket { create_stream_socket_perms }; -allow mediaserver ctl_default_prop:property_service set; diff --git a/sepolicy/netd.te b/sepolicy/netd.te index 143cc61..6c8303c 100644 --- a/sepolicy/netd.te +++ b/sepolicy/netd.te @@ -2,7 +2,3 @@ # Ignore them dontaudit netd self:capability sys_module; dontaudit netd kernel:system module_request; - -# VIS -allow netd vis:fd use; -allow netd vis:tcp_socket { rw_socket_perms }; |