StrixOS/build
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Temporarily whitelisting system domains writing vendor props"

Browse Source 
am: f1a5557164

Change-Id: I0af6ea2b74e324eae11b619d956d524919f95806
This commit is contained in:
Jiyong Park
2018-06-05 21:05:27 -07:00
committed by android-build-merger
parent e571fc1f02 f1a5557164
commit 01e1a4ff12
3 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
target/board/generic/sepolicy/bootanim.te
View File

@@ -5,4 +5,5 @@ dontaudit bootanim system_data_file:dir read;
allow bootanim graphics_device:chr_file { read ioctl open };
typeattribute bootanim system_writes_vendor_properties_violators;
set_prop(bootanim, qemu_prop)

1
target/board/generic/sepolicy/surfaceflinger.te
View File

@@ -1,4 +1,5 @@
allow surfaceflinger self:process execmem;
allow surfaceflinger ashmem_device:chr_file execute;
typeattribute surfaceflinger system_writes_vendor_properties_violators;
set_prop(surfaceflinger, qemu_prop)

1
target/board/generic/sepolicy/zygote.te
View File

@@ -1,3 +1,4 @@
typeattribute zygote system_writes_vendor_properties_violators;
set_prop(zygote, qemu_prop)
# TODO (b/63631799) fix this access
# Suppress denials to storage. Webview zygote should not be accessing.