Skip to content
Snippets Groups Projects
Commit b748e652 authored by Nick Kralevich's avatar Nick Kralevich
Browse files

resolve merge conflicts of a92d3135 to stage-aosp-master 

Test: Policy compiles.
Change-Id: Iaa19c64f6b54423dbfa5ae16d288501ab0e64cbc
parents b41291f5 a92d3135
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
private/domain_deprecated.te
+ 10
0
View file @ b748e652
...@@ -7,6 +7,7 @@ auditallow { ...@@ -7,6 +7,7 @@ auditallow {
domain_deprecated domain_deprecated
-appdomain -appdomain
-installd -installd
-recovery
-sdcardd -sdcardd
-surfaceflinger -surfaceflinger
-system_server -system_server
...@@ -25,6 +26,7 @@ auditallow { ...@@ -25,6 +26,7 @@ auditallow {
-fsck -fsck
-healthd -healthd
-installd -installd
-recovery
-servicemanager -servicemanager
-system_server -system_server
-ueventd -ueventd
...@@ -36,6 +38,7 @@ auditallow { ...@@ -36,6 +38,7 @@ auditallow {
domain_deprecated domain_deprecated
-healthd -healthd
-installd -installd
-recovery
-servicemanager -servicemanager
-system_server -system_server
-ueventd -ueventd
...@@ -48,6 +51,7 @@ auditallow { ...@@ -48,6 +51,7 @@ auditallow {
-appdomain -appdomain
-healthd -healthd
-installd -installd
-recovery
-servicemanager -servicemanager
-system_server -system_server
-ueventd -ueventd
...@@ -128,17 +132,20 @@ allow domain_deprecated cache_file:lnk_file r_file_perms; ...@@ -128,17 +132,20 @@ allow domain_deprecated cache_file:lnk_file r_file_perms;
userdebug_or_eng(` userdebug_or_eng(`
auditallow { auditallow {
domain_deprecated domain_deprecated
-recovery
-system_server -system_server
-vold -vold
} cache_file:dir { open read search ioctl lock }; } cache_file:dir { open read search ioctl lock };
auditallow { auditallow {
domain_deprecated domain_deprecated
-appdomain -appdomain
-recovery
-system_server -system_server
-vold -vold
} cache_file:dir getattr; } cache_file:dir getattr;
auditallow { auditallow {
domain_deprecated domain_deprecated
-recovery
-system_server -system_server
-vold -vold
} cache_file:file { getattr read }; } cache_file:file { getattr read };
...@@ -177,6 +184,7 @@ auditallow { ...@@ -177,6 +184,7 @@ auditallow {
-fingerprintd -fingerprintd
-healthd -healthd
-netd -netd
-recovery
-system_app -system_app
-surfaceflinger -surfaceflinger
-system_server -system_server
...@@ -189,6 +197,7 @@ auditallow { ...@@ -189,6 +197,7 @@ auditallow {
-fingerprintd -fingerprintd
-healthd -healthd
-netd -netd
-recovery
-system_app -system_app
-surfaceflinger -surfaceflinger
-system_server -system_server
...@@ -201,6 +210,7 @@ auditallow { ...@@ -201,6 +210,7 @@ auditallow {
-fingerprintd -fingerprintd
-healthd -healthd
-netd -netd
-recovery
-system_app -system_app
-surfaceflinger -surfaceflinger
-system_server -system_server
......
public/recovery.te
+ 2
0
View file @ b748e652
...@@ -18,6 +18,7 @@ recovery_only(` ...@@ -18,6 +18,7 @@ recovery_only(`
allow recovery self:capability2 mac_admin; allow recovery self:capability2 mac_admin;
# Run helpers from / or /system without changing domain. # Run helpers from / or /system without changing domain.
r_dir_file(recovery, rootfs)
allow recovery rootfs:file execute_no_trans; allow recovery rootfs:file execute_no_trans;
allow recovery system_file:file execute_no_trans; allow recovery system_file:file execute_no_trans;
allow recovery toolbox_exec:file rx_file_perms; allow recovery toolbox_exec:file rx_file_perms;
...@@ -56,6 +57,7 @@ recovery_only(` ...@@ -56,6 +57,7 @@ recovery_only(`
# Write to /sys/class/android_usb/android0/enable. # Write to /sys/class/android_usb/android0/enable.
# TODO: create more specific label? # TODO: create more specific label?
r_dir_file(recovery, sysfs)
allow recovery sysfs:file w_file_perms; allow recovery sysfs:file w_file_perms;
# Write to /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq. # Write to /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq.
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment