Merge "kernel: grant perms from domain_deprecated"
am: e48ab7848d
* commit 'e48ab7848dac5fecfe64fcabeef786156eeae261':
kernel: grant perms from domain_deprecated
This commit is contained in:
Jeffrey Vander Stoep
android-build-merger
commit
d9fcee9ddc
1 changed files with 9 additions and 0 deletions
|
|
@ -3,6 +3,15 @@ type kernel, domain, domain_deprecated, mlstrustedsubject;
|
||||||
|
|
||||||
allow kernel self:capability sys_nice;
|
allow kernel self:capability sys_nice;
|
||||||
|
|
||||||
|
# Root fs.
|
||||||
|
allow kernel rootfs:dir r_dir_perms;
|
||||||
|
allow kernel rootfs:file r_file_perms;
|
||||||
|
allow kernel rootfs:lnk_file r_file_perms;
|
||||||
|
|
||||||
|
# Get SELinux enforcing status.
|
||||||
|
allow kernel selinuxfs:dir r_dir_perms;
|
||||||
|
allow kernel selinuxfs:file r_file_perms;
|
||||||
|
|
||||||
# Allow init relabel itself.
|
# Allow init relabel itself.
|
||||||
allow kernel rootfs:file relabelfrom;
|
allow kernel rootfs:file relabelfrom;
|
||||||
allow kernel init_exec:file relabelto;
|
allow kernel init_exec:file relabelto;
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue