annotate vendor components that access core data types

Grant cnd a temporary exemption to a neverallow rule
asserting vendor processes may not access core data types outside
/data/vendor.

Cherry-picked from ead208b3b3

Bug: 34980020
Bug: 36712542
Test: Muskie builds
Change-Id: I68baee81282343b5627b012ff39d2f038fb99054
Jeff Vander Stoep
2017-03-29 08:08:17 -07:00
committed by Max Bires
parent 69c0497447
commit b7606d8693


@@ -8,8 +8,12 @@ allow cnd self:capability { chown fsetid setgid setuid };
allow cnd self:udp_socket create_socket_perms;
allowxperm cnd self:udp_socket ioctl SIOCGIFMTU;
# TODO(b/36712542): Remove this once cnd stops accessing data
# outside /data/vendor.
typeattribute cnd coredata_in_vendor_violators;
allow cnd wpa_socket:dir w_dir_perms;
allow cnd wpa_socket:sock_file create_file_perms;
allow cnd wifi_data_file:dir search;
allow cnd sysfs_soc:dir search;
allow cnd sysfs_soc:file r_file_perms;
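Review bot: The TODO above `typeattribute cnd coredata_in_vendor_violators;` does not say which allow rules depend on the exemption, and the attribute applies to the whole cnd domain rather than to those rules. Judging by the type names, the rules that need it are presumably the `wpa_socket` and `wifi_data_file` ones directly below, so I would name them in the comment, e.g. `# Covers: wpa_socket dir/sock_file and wifi_data_file dir search; remove these rules together with the attribute.` While the attribute is in place, any further allow rule giving cnd access to core data types would likely pass the neverallow check at build time, so such additions need to be caught in review. This rendering does not mark added versus context lines, so confirm which of these rules predate the commit.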