Introduce security labels for 2 new device nodes.
iio: Industrial I/O subsystem usb_accessory: accessory protocol for usb Allow system access in both cases. Change-Id: I02db9775ec2ddaaeda40fae6d5e56e320957b09c Signed-off-by: Robert Craig <rpcraig@tycho.ncsc.mil>
This commit is contained in:
parent
c3295802d7
commit
f62af81817
@ -38,12 +38,14 @@ type video_device, dev_type;
|
||||
type vcs_device, dev_type;
|
||||
type zero_device, dev_type;
|
||||
type fuse_device, dev_type;
|
||||
type iio_device, dev_type;
|
||||
type ion_device, dev_type, mlstrustedobject;
|
||||
type gps_device, dev_type;
|
||||
type qtaguid_device, dev_type;
|
||||
type watchdog_device, dev_type;
|
||||
type uhid_device, dev_type;
|
||||
type tun_device, dev_type, mlstrustedobject;
|
||||
type usbaccessory_device, dev_type;
|
||||
|
||||
# All devices have a uart for the hci
|
||||
# attach service. The uart dev node
|
||||
|
@ -50,6 +50,7 @@
|
||||
/dev/fuse u:object_r:fuse_device:s0
|
||||
/dev/graphics(/.*)? u:object_r:graphics_device:s0
|
||||
/dev/input(/.*) u:object_r:input_device:s0
|
||||
/dev/iio:device[0-9]+ u:object_r:iio_device:s0
|
||||
/dev/ion u:object_r:ion_device:s0
|
||||
/dev/kmem u:object_r:kmem_device:s0
|
||||
/dev/log(/.*)? u:object_r:log_device:s0
|
||||
@ -105,6 +106,7 @@
|
||||
/dev/uhid u:object_r:uhid_device:s0
|
||||
/dev/uinput u:object_r:input_device:s0
|
||||
/dev/urandom u:object_r:urandom_device:s0
|
||||
/dev/usb_accessory u:object_r:usbaccessory_device:s0
|
||||
/dev/vcs[0-9a-z]* u:object_r:vcs_device:s0
|
||||
/dev/video[0-9]* u:object_r:video_device:s0
|
||||
/dev/watchdog u:object_r:watchdog_device:s0
|
||||
|
@ -144,10 +144,12 @@ allow system accelerometer_device:chr_file rw_file_perms;
|
||||
allow system alarm_device:chr_file rw_file_perms;
|
||||
allow system graphics_device:dir search;
|
||||
allow system graphics_device:chr_file rw_file_perms;
|
||||
allow system iio_device:chr_file rw_file_perms;
|
||||
allow system input_device:dir r_dir_perms;
|
||||
allow system input_device:chr_file rw_file_perms;
|
||||
allow system tty_device:chr_file rw_file_perms;
|
||||
allow system urandom_device:chr_file rw_file_perms;
|
||||
allow system usbaccessory_device:chr_file rw_file_perms;
|
||||
allow system video_device:chr_file rw_file_perms;
|
||||
allow system qemu_device:chr_file rw_file_perms;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user