[ALPS04239425] Sepolicy: remove neverallow rule
[Detail]
app_zygote.te violated by allow app_zygote aee_aed:unix_stream_socket { connectto };
domain.te violated by allow aee_aedv debugfs:lnk_file { read };
We remove two policy to prevent build break.
MTK-Commit-Id: 7035ebb6f8308dc756848a173bb2a412d421f9b3
Test: Build only
Change-Id: I6b228a38d5953e2ceaa41c4193d2bf6c14bee581
CR-Id: ALPS04239425
Feature:Android Exception Engine(AEE)
This commit is contained in:
Juju Sung
parent
999541e09b
commit
9ca13651c2
@ -131,7 +131,7 @@ allow aee_aedv crash_dump:file r_file_perms;
|
|||||||
allow aee_aedv vendor_file:file execute_no_trans;
|
allow aee_aedv vendor_file:file execute_no_trans;
|
||||||
|
|
||||||
# Purpose: debugfs files
|
# Purpose: debugfs files
|
||||||
allow aee_aedv debugfs:lnk_file read;
|
# allow aee_aedv debugfs:lnk_file read;
|
||||||
allow aee_aedv debugfs_binder:dir { read open };
|
allow aee_aedv debugfs_binder:dir { read open };
|
||||||
allow aee_aedv debugfs_binder:file { read open };
|
allow aee_aedv debugfs_binder:file { read open };
|
||||||
allow aee_aedv debugfs_blockio:file { read open };
|
allow aee_aedv debugfs_blockio:file { read open };
|
||||||
|
|||||||
@ -30,9 +30,9 @@ allow coredomain vendor_file:lnk_file { getattr read };
|
|||||||
|
|
||||||
# Date:20170630
|
# Date:20170630
|
||||||
# Purpose: allow trusted process to connect aee daemon
|
# Purpose: allow trusted process to connect aee daemon
|
||||||
allow {
|
#allow {
|
||||||
coredomain
|
# coredomain
|
||||||
-untrusted_app_all
|
# -untrusted_app_all
|
||||||
} aee_aed:unix_stream_socket connectto;
|
#} aee_aed:unix_stream_socket connectto;
|
||||||
allow { domain -coredomain -hal_configstore_server -vendor_init } aee_aedv:unix_stream_socket connectto;
|
allow { domain -coredomain -hal_configstore_server -vendor_init } aee_aedv:unix_stream_socket connectto;
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user