NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[ALPS04653992] SEPolicy: mmap permission for app

Browse Source 
[Detail]
In kernel 4.14, selinux security need to check if the process has the
map permission of mmap inode. App need the map permission to
read radio_data_file.

[Solution]
Add map permission for app to read radio_data_file.

MTK-Commit-Id: 698e603818ff37a59212a37a41ecbec8e8e30233

Change-Id: I8982ddbff40cfd7280c0a3dc5e8d2f6b6394e747
CR-Id: ALPS04653992
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
This commit is contained in:
Shanshan Guo 2020-01-18 10:14:58 +08:00
parent 96c9971cfd
commit 38ae1361bf
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
non_plat/app.te
View File

@ -53,3 +53,8 @@ allowxperm appdomain proc_perfmgr:file ioctl {
# Date : W19.4 # Date : W19.4
# Purpose : Allow MDP user access mdp driver # Purpose : Allow MDP user access mdp driver
allow appdomain mdp_device:chr_file rw_file_perms; allow appdomain mdp_device:chr_file rw_file_perms;
# Date : W19.23
# Operation : Migration
# Purpose : For platform app com.android.gallery3d
allow { appdomain -isolated_app } radio_data_file:file rw_file_perms;