platform_system_sepolicy/private/coredomain.te
Tom Cherry 70e8f4214f Remove vendor_init from coredomain
vendor_init exists on the system partition, but it is meant to be an
extention of init that runs with vendor permissions for executing
vendor scripts, therefore it is not meant to be in coredomain.

Bug: 62875318
Test: boot walleye
Change-Id: I01af5c9f8b198674b15b90620d02725a6e7c1da6
2018-01-25 11:31:09 -08:00

15 lines
230 B
Text

get_prop(coredomain, pm_prop)
get_prop(coredomain, exported_pm_prop)
full_treble_only(`
neverallow {
coredomain
# for chowning
-init
# generic access to sysfs_type
-ueventd
-vold
} sysfs_leds:file *;
')