tequilaOS/platform_build
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "Temporarily whitelisting system domains writing vendor props"

Browse source
This commit is contained in:
Treehugger Robot 2018-06-06 03:54:11 +00:00 committed by Gerrit Code Review
commit f1a5557164
3 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
target/board/generic/sepolicy/bootanim.te
View file

@ -5,4 +5,5 @@ dontaudit bootanim system_data_file:dir read;
allow bootanim graphics_device:chr_file { read ioctl open }; allow bootanim graphics_device:chr_file { read ioctl open };
typeattribute bootanim system_writes_vendor_properties_violators;
set_prop(bootanim, qemu_prop) set_prop(bootanim, qemu_prop)

1
target/board/generic/sepolicy/surfaceflinger.te
View file

@ -1,4 +1,5 @@
allow surfaceflinger self:process execmem; allow surfaceflinger self:process execmem;
allow surfaceflinger ashmem_device:chr_file execute; allow surfaceflinger ashmem_device:chr_file execute;
typeattribute surfaceflinger system_writes_vendor_properties_violators;
set_prop(surfaceflinger, qemu_prop) set_prop(surfaceflinger, qemu_prop)

1
target/board/generic/sepolicy/zygote.te
View file

@ -1,3 +1,4 @@
typeattribute zygote system_writes_vendor_properties_violators;
set_prop(zygote, qemu_prop) set_prop(zygote, qemu_prop)
# TODO (b/63631799) fix this access # TODO (b/63631799) fix this access
# Suppress denials to storage. Webview zygote should not be accessing. # Suppress denials to storage. Webview zygote should not be accessing.