Allow qseecomd to write to persist_data

Needed for drm.
avc: denied { read } for comm="qseecomd" name="/" dev="sdd3" ino=2
scontext=u:r:tee:s0 tcontext=u:object_r:persist_file:s0 tclass=dir
avc: denied { open } for comm="qseecomd" path="/persist" dev="sdd3"
scontext=u:r:tee:s0 tcontext=u:object_r:persist_file:s0 tclass=dir
avc: denied { write } for comm="qseecomd" name="widevine" dev="sdd3"
ino=97 scontext=u:r:tee:s0 tcontext=u:object_r:persist_data_file:s0
tclass=dir
avc: denied { add_name } for comm="qseecomd" scontext=u:r:tee:s0
tcontext=u:object_r:persist_data_file:s0 tclass=dir permissive=1
avc: denied { create } for comm="qseecomd" scontext=u:r:tee:s0
tcontext=u:object_r:persist_data_file:s0 tclass=file permissive=1
avc: denied { write } for comm="qseecomd" scontext=u:r:tee:s0
tcontext=u:object_r:persist_data_file:s0
tclass=file permissive=1:persist_file:s0 tclass=dir permissive=1
avc: denied { open } scontext=u:r:tee:s0
tcontext=u:object_r:persist_file:s0 tclass=dir permissive=1
avc: denied { write } for comm="qseecomd" name="widevine"
scontext=u:r:tee:s0 tcontext=u:object_r:persist_data_file:s0
tclass=dir permissive=1
avc: denied { add_name } for comm="qseecomd" scontext=u:r:tee:s0
tcontext=u:object_r:persist_data_file:s0 tclass=dir permissive=1
avc: denied { create } for comm="qseecomd" scontext=u:r:tee:s0
tcontext=u:object_r:persist_data_file:s0 tclass=file permissive=1
avc: denied { write } scontext=u:r:tee:s0
tcontext=u:object_r:persist_data_file:s0 tclass=file permissive=1

Bug: 63051358
Test: build
Change-Id: I28bd0cd816720a85fc840890a74929939366de6d
Jeff Vander Stoep
2017-06-29 15:41:11 -07:00
committed by Thierry Strudel
parent ee8cd6b127
commit aaaafebf1c


@@ -10,11 +10,11 @@ allow tee block_device:dir { getattr search };
allow tee ssd_block_device:blk_file rw_file_perms;
allow tee sg_device:chr_file { rw_file_perms setattr };
r_dir_file(tee, persist_data_file)
allow tee persist_file:dir search;
allow tee persist_file:dir r_dir_perms;
allow tee persist_drm_file:dir create_dir_perms;
allow tee persist_drm_file:file create_file_perms;
allow tee persist_data_file:dir create_dir_perms;
allow tee persist_data_file:file create_file_perms;
allow tee system_data_file:dir r_dir_perms;