NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[ALPS04239425] Sepolicy: remove neverallow rule

Browse Source 
[Detail]
app_zygote.te violated by allow app_zygote aee_aed:unix_stream_socket { connectto };
domain.te violated by allow aee_aedv debugfs:lnk_file { read };
We remove two policy to prevent build break.

MTK-Commit-Id: 7035ebb6f8308dc756848a173bb2a412d421f9b3

Test: Build only
Change-Id: I6b228a38d5953e2ceaa41c4193d2bf6c14bee581
CR-Id: ALPS04239425
Feature:Android Exception Engine(AEE)
This commit is contained in:
Juju Sung 2020-01-18 10:08:09 +08:00
parent 999541e09b
commit 9ca13651c2
2 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
non_plat/aee_aedv.te
View File

@ -131,7 +131,7 @@ allow aee_aedv crash_dump:file r_file_perms;
allow aee_aedv vendor_file:file execute_no_trans;
# Purpose: debugfs files
allow aee_aedv debugfs:lnk_file read;
# allow aee_aedv debugfs:lnk_file read;
allow aee_aedv debugfs_binder:dir { read open };
allow aee_aedv debugfs_binder:file { read open };
allow aee_aedv debugfs_blockio:file { read open };

8
non_plat/domain.te
View File

@ -30,9 +30,9 @@ allow coredomain vendor_file:lnk_file { getattr read };
# Date:20170630
# Purpose: allow trusted process to connect aee daemon
allow {
coredomain
-untrusted_app_all
} aee_aed:unix_stream_socket connectto;
#allow {
# coredomain
# -untrusted_app_all
#} aee_aed:unix_stream_socket connectto;
allow { domain -coredomain -hal_configstore_server -vendor_init } aee_aedv:unix_stream_socket connectto;