Merge "Remove sepolicy for /dev/alarm."
am: 5aacdbc936
Change-Id: I109e523c716a5143be0ff355af2b0409089db9a0
This commit is contained in:
commit
8981973faf
@ -1,4 +1,5 @@
|
||||
;; types removed from current policy
|
||||
(type alarm_device)
|
||||
(type audio_seq_device)
|
||||
(type audio_timer_device)
|
||||
(type commontime_management_service)
|
||||
|
@ -71,7 +71,6 @@
|
||||
/dev/adf[0-9]* u:object_r:graphics_device:s0
|
||||
/dev/adf-interface[0-9]*\.[0-9]* u:object_r:graphics_device:s0
|
||||
/dev/adf-overlay-engine[0-9]*\.[0-9]* u:object_r:graphics_device:s0
|
||||
/dev/alarm u:object_r:alarm_device:s0
|
||||
/dev/ashmem u:object_r:ashmem_device:s0
|
||||
/dev/audio.* u:object_r:audio_device:s0
|
||||
/dev/binder u:object_r:binder_device:s0
|
||||
|
@ -325,7 +325,6 @@ allow system_server sysfs_usb:file w_file_perms;
|
||||
# Access devices.
|
||||
allow system_server device:dir r_dir_perms;
|
||||
allow system_server mdns_socket:sock_file rw_file_perms;
|
||||
allow system_server alarm_device:chr_file rw_file_perms;
|
||||
allow system_server gpu_device:chr_file rw_file_perms;
|
||||
allow system_server input_device:dir r_dir_perms;
|
||||
allow system_server input_device:chr_file rw_file_perms;
|
||||
|
@ -1,6 +1,5 @@
|
||||
# Device types
|
||||
type device, dev_type, fs_type;
|
||||
type alarm_device, dev_type, mlstrustedobject;
|
||||
type ashmem_device, dev_type, mlstrustedobject;
|
||||
type audio_device, dev_type;
|
||||
type binder_device, dev_type, mlstrustedobject;
|
||||
|
@ -75,7 +75,6 @@ allow {
|
||||
not_full_treble(`allow { domain -hwservicemanager -vndservicemanager } binder_device:chr_file rw_file_perms;')
|
||||
allow { domain -servicemanager -vndservicemanager -isolated_app } hwbinder_device:chr_file rw_file_perms;
|
||||
allow domain ptmx_device:chr_file rw_file_perms;
|
||||
allow domain alarm_device:chr_file r_file_perms;
|
||||
allow domain random_device:chr_file rw_file_perms;
|
||||
allow domain proc_random:dir r_dir_perms;
|
||||
allow domain proc_random:file r_file_perms;
|
||||
|
@ -9,7 +9,6 @@ allowxperm hal_telephony_server self:udp_socket ioctl priv_sock_ioctls;
|
||||
allow hal_telephony_server self:netlink_route_socket nlmsg_write;
|
||||
allow hal_telephony_server kernel:system module_request;
|
||||
allow hal_telephony_server self:global_capability_class_set { setpcap setgid setuid net_admin net_raw };
|
||||
allow hal_telephony_server alarm_device:chr_file rw_file_perms;
|
||||
allow hal_telephony_server cgroup:dir create_dir_perms;
|
||||
allow hal_telephony_server cgroup:{ file lnk_file } r_file_perms;
|
||||
allow hal_telephony_server radio_device:chr_file rw_file_perms;
|
||||
|
@ -257,7 +257,6 @@ allow init {
|
||||
allow init { fs_type -contextmount_type -sdcard_type -rootfs }:dir { open read setattr search };
|
||||
|
||||
allow init {
|
||||
alarm_device
|
||||
ashmem_device
|
||||
binder_device
|
||||
console_device
|
||||
|
@ -12,7 +12,6 @@ not_full_treble(`unix_socket_connect(radio, rild, hal_telephony_server)')
|
||||
allow radio radio_data_file:dir create_dir_perms;
|
||||
allow radio radio_data_file:notdevfile_class_set create_file_perms;
|
||||
|
||||
allow radio alarm_device:chr_file rw_file_perms;
|
||||
|
||||
allow radio net_data_file:dir search;
|
||||
allow radio net_data_file:file r_file_perms;
|
||||
|
Loading…
Reference in New Issue
Block a user