NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[ALPS03869840] SF : Add sepolicy for graphics

Browse Source 
[Detail]
More strictly selinux policy that system process cannot access vendor partition,
unless label the specific vendor lib to same_process_hal_file

[Solution]
Add same-process HAL files and their dependencies

MTK-Commit-Id: 3cb98800bc3a8cda80905c0cba6a4aad1799833a

Change-Id: I0b7f9c536117944f1350bee70a06f02d3db0bfb4
CR-Id: ALPS03869840
Feature: [Module]SurfaceFlinger/HWComposer
This commit is contained in:
mtk14318 2020-01-18 09:49:10 +08:00
parent 631c50a10a
commit 0c22318021
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
non_plat/file_contexts
View File

@ -592,3 +592,8 @@
/vendor/lib(64)?/libdrm\.so u:object_r:same_process_hal_file:s0 /vendor/lib(64)?/libdrm\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/libion_mtk\.so u:object_r:same_process_hal_file:s0 /vendor/lib(64)?/libion_mtk\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/libion_ulit\.so u:object_r:same_process_hal_file:s0 /vendor/lib(64)?/libion_ulit\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/libdpframework\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/libpq_cust_base\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/vendor\.mediatek\.hardware\.pq@[0-9]\.[0-9]\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/libpq_prot\.so u:object_r:same_process_hal_file:s0