Address SELinux denials with rild.
Allow r/w access to /dev/diag on userdebug/eng builds.
avc: denied { read write } for pid=204 comm="rild" name="diag" dev="tmpfs" ino=8404 scontext=u:r:rild:s0 tcontext=u:object_r:diag_device:s0 tclass=chr_file
avc: denied { open } for pid=204 comm="rild" name="diag" dev="tmpfs" ino=8404 scontext=u:r:rild:s0 tcontext=u:object_r:diag_device:s0 tclass=chr_file
Grant radio sockets access to rild.
avc: denied { write } for pid=323 comm="rild" name="qmux_radio" dev="tmpfs" ino=1053 scontext=u:r:rild:s0 tcontext=u:object_r:qmuxd_socket:s0 tclass=dir
avc: denied { write } for pid=323 comm="rild" name="qmux_connect_socket" dev="tmpfs" ino=1309 scontext=u:r:rild:s0 tcontext=u:object_r:qmuxd_socket:s0 tclass=sock_file
avc: denied { connectto } for pid=323 comm="rild" path="/dev/socket/qmux_radio/qmux_connect_socket" scontext=u:r:rild:s0 tcontext=u:r:qmux:s0 tclass=unix_stream_socket
Change-Id: I89f7531fb006bfcae9f97b979fba61f3ed6badde
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>
diff --git a/BoardConfigCommon.mk b/BoardConfigCommon.mk
index a339740..81504e1 100755
--- a/BoardConfigCommon.mk
+++ b/BoardConfigCommon.mk
@@ -122,6 +122,7 @@
netmgrd.te \
ppd.te \
qmux.te \
+ rild.te \
rmt.te \
sensors.te \
surfaceflinger.te \
diff --git a/sepolicy/rild.te b/sepolicy/rild.te
new file mode 100644
index 0000000..132214e
--- /dev/null
+++ b/sepolicy/rild.te
@@ -0,0 +1,5 @@
+userdebug_or_eng(`
+ allow rild diag_device:chr_file rw_file_perms;
+')
+
+qmux_socket(rild)
