OSDN Git Service

(root) / android-x86 / build.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5968de7)
Switch qemud to permissive_or_unconfined().
authorStephen Smalley <sds@tycho.nsa.gov>
Thu, 6 Nov 2014 14:36:40 +0000 (09:36 -0500)
committerStephen Smalley <sds@tycho.nsa.gov>
Thu, 6 Nov 2014 14:36:40 +0000 (09:36 -0500)
Switch the qemud domain from unconfined_domain() to
permissive_or_unconfined() so that we can start collecting and
addressing denials in -userdebug/-eng builds.

Also allow access to the serial device.

Change-Id: I9c7a6ddc8c2e64bfc6c5bb896eed1729ab205d60
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
target/board/generic/sepolicy/qemud.te patch | blob | history

diff --git a/target/board/generic/sepolicy/qemud.te b/target/board/generic/sepolicy/qemud.te
index 4ff02ec..b6a35d3 100644 (file)
--- a/target/board/generic/sepolicy/qemud.te
+++ b/target/board/generic/sepolicy/qemud.te
@@ -3,4 +3,7 @@ type qemud, domain;
 type qemud_exec, exec_type, file_type;
 
 init_daemon_domain(qemud)
-unconfined_domain(qemud)
+permissive_or_unconfined(qemud)
+
+# Access /dev/ttyS1.
+allow qemud serial_device:chr_file rw_file_perms;
build
About OSDN
Find Software
Develop Software
Help