Skip to content
Snippets Groups Projects
Commit f6cbbe25 authored by Stephen Smalley's avatar Stephen Smalley
Browse files

Introduce a separate wallpaper_file type for the wallpaper file.

parent 59d28035
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
app.te
+ 3
0
View file @ f6cbbe25
...@@ -96,6 +96,9 @@ allow appdomain app_data_file:notdevfile_class_set create_file_perms; ...@@ -96,6 +96,9 @@ allow appdomain app_data_file:notdevfile_class_set create_file_perms;
# lib subdirectory of /data/data dir is system-owned. # lib subdirectory of /data/data dir is system-owned.
allow appdomain system_data_file:dir r_dir_perms; allow appdomain system_data_file:dir r_dir_perms;
# Read/write wallpaper file (opened by system).
allow appdomain wallpaper_file:file { read write };
# Use the Binder. # Use the Binder.
binder_use(appdomain) binder_use(appdomain)
# Perform binder IPC to binder services. # Perform binder IPC to binder services.
......
file.te
+ 2
0
View file @ f6cbbe25
...@@ -52,6 +52,8 @@ type app_data_file, file_type, data_file_type; ...@@ -52,6 +52,8 @@ type app_data_file, file_type, data_file_type;
type cache_file, file_type, mlstrustedobject; type cache_file, file_type, mlstrustedobject;
# Default type for anything under /efs # Default type for anything under /efs
type efs_file, file_type; type efs_file, file_type;
# Type for wallpaper file.
type wallpaper_file, file_type;
# Socket types # Socket types
type bluetooth_socket, file_type; type bluetooth_socket, file_type;
......
file_contexts
+ 2
0
View file @ f6cbbe25
...@@ -118,6 +118,8 @@ ...@@ -118,6 +118,8 @@
/data/misc/wifi(/.*)? u:object_r:wifi_data_file:s0 /data/misc/wifi(/.*)? u:object_r:wifi_data_file:s0
# App sandboxes # App sandboxes
/data/data/.* u:object_r:app_data_file:s0 /data/data/.* u:object_r:app_data_file:s0
# Wallpaper file.
/data/data/com.android.settings/files/wallpaper u:object_r:wallpaper_file:s0
############################# #############################
# efs files # efs files
# #
......
system.te
+ 8
0
View file @ f6cbbe25
...@@ -15,6 +15,9 @@ binder_transfer(system_app, appdomain) ...@@ -15,6 +15,9 @@ binder_transfer(system_app, appdomain)
allow system_app system_data_file:dir create_dir_perms; allow system_app system_data_file:dir create_dir_perms;
allow system_app system_data_file:file create_file_perms; allow system_app system_data_file:file create_file_perms;
# Read wallpaper file.
allow system_app wallpaper_file:file r_file_perms;
# Write to dalvikcache. # Write to dalvikcache.
allow system_app dalvikcache_data_file:file { write setattr }; allow system_app dalvikcache_data_file:file { write setattr };
...@@ -137,6 +140,11 @@ allow system rootfs:file r_file_perms; ...@@ -137,6 +140,11 @@ allow system rootfs:file r_file_perms;
allow system apk_tmp_file:file { relabelfrom relabelto }; allow system apk_tmp_file:file { relabelfrom relabelto };
allow system apk_data_file:file { relabelfrom relabelto }; allow system apk_data_file:file { relabelfrom relabelto };
# Relabel wallpaper.
allow system system_data_file:file relabelfrom;
allow system wallpaper_file:file relabelto;
allow system wallpaper_file:file r_file_perms;
# Create a socket for receiving info from wpa. # Create a socket for receiving info from wpa.
type_transition system wifi_data_file:sock_file system_wpa_socket; type_transition system wifi_data_file:sock_file system_wpa_socket;
allow system system_wpa_socket:sock_file create_file_perms; allow system system_wpa_socket:sock_file create_file_perms;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment