tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Apply a label to /data/mediadrm files.

Browse source 
/data/mediadrm is appearing on devices but is
receiving the system_data_file type. Use the
media_data_file label to help classify these files.
This new label will help with the following denials.
with exisiting allow rules for mediaserver are already
in place.

type=1400 msg=audit(1389139139.551:308): avc:  denied  { open } for  pid=179 comm="mediaserver" name="ay64.dat" dev="mmcblk0p23" ino=136819 scontext=u:r:mediaserver:s0 tcontext=u:object_r:system_data_file:s0 tclass=file
type=1400 msg=audit(1389139140.783:309): avc:  denied  { read } for  pid=179 comm="mediaserver" name="IDM1013" dev="mmcblk0p23" ino=136818 scontext=u:r:mediaserver:s0 tcontext=u:object_r:system_data_file:s0 tclass=dir
type=1400 msg=audit(1389139140.783:310): avc:  denied  { open } for  pid=179 comm="mediaserver" name="IDM1013" dev="mmcblk0p23" ino=136818 scontext=u:r:mediaserver:s0 tcontext=u:object_r:system_data_file:s0 tclass=dir

Change-Id: I84ac78517fdbb0264cf07379120a62675505fc95
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
This commit is contained in:
rpcraig 2014-01-07 21:53:01 -05:00 committed by Robert Craig
parent 84a81d1ed6
commit d362cdf8d9
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
file_contexts
View file

@ -168,6 +168,7 @@
/data/tombstones(/.*)? u:object_r:tombstone_data_file:s0
/data/local/tmp(/.*)? u:object_r:shell_data_file:s0
/data/media(/.*)? u:object_r:media_rw_data_file:s0
/data/mediadrm(/.*)? u:object_r:media_data_file:s0
# Misc data
/data/misc/adb(/.*)? u:object_r:adb_keys_file:s0