tequilaOS/platform_device_qcom_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "sepolicy: comply with app_zygote neverallow rules"

Browse source
This commit is contained in:
qctecmdr Service 2019-02-21 03:31:46 -08:00 committed by Gerrit - the friendly Code Review server
commit 959bd02417
2 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
generic/private/qti-testscripts.te
View file

@ -80,7 +80,7 @@ userdebug_or_eng(`
# allow adbd qti-testscripts:process dyntransition;
#allow { domain -mediaextractor -mediacodec } qti-testscripts:unix_stream_socket connectto;
allow domain qti-testscripts:fd use;
allow { domain -mediaextractor -hal_omx_server -hal_configstore_server } qti-testscripts:unix_stream_socket { getattr getopt read write shutdown };
allow { domain -app_zygote -mediaextractor -hal_omx_server -hal_configstore_server } qti-testscripts:unix_stream_socket { getattr getopt read write shutdown };
# binder_call({ domain -init -netd }, qti-testscripts)
allow domain qti-testscripts:fifo_file { write getattr };
allow domain qti-testscripts:process sigchld;

2
generic/vendor/test/vendor-qti-testscripts.te vendored
View file

@ -76,7 +76,7 @@ userdebug_or_eng(`
# allow adbd vendor-qti-testscripts:process dyntransition;
# allow { domain -mediaextractor -mediacodec } vendor-qti-testscripts:unix_stream_socket connectto;
allow domain vendor-qti-testscripts:fd use;
allow { domain -mediaextractor -mediacodec -hal_configstore_default } vendor-qti-testscripts:unix_stream_socket { getattr getopt read write shutdown };
allow { domain -app_zygote -mediaextractor -mediacodec -hal_configstore_default } vendor-qti-testscripts:unix_stream_socket { getattr getopt read write shutdown };
#binder_call({ domain -init -netd }, vendor-qti-testscripts)
allow domain vendor-qti-testscripts:fifo_file { write getattr };
allow domain vendor-qti-testscripts:process sigchld;