| commit | 08d64f2c79fb54745216a7c9168c9a83359b1797 | [log] [tgz] |
|---|---|---|
| author | Chia-I Wu <olv@google.com> | Mon Mar 20 14:49:30 2017 -0700 |
| committer | Chia-I Wu <olv@google.com> | Mon Mar 20 14:51:18 2017 -0700 |
| tree | 7924656d7da9dee07aa8aa7a9272d28122c334f4 | |
| parent | 479893b4004b7aabacf5791e0b9869c22d939fde [diff] |
sepolicy: restrict hal_graphics_allocator sysfs access Grant access to sysfs_mdss_mdp_caps only instead of the entire sysfs. Bug: 36373038 Test: manual Change-Id: Idd39ebf2c4cbf2e45f8cac44fcc69c03bb523ad1
diff --git a/sepolicy/hal_graphics_allocator.te b/sepolicy/hal_graphics_allocator.te index fa7fce3..84b36a3 100644 --- a/sepolicy/hal_graphics_allocator.te +++ b/sepolicy/hal_graphics_allocator.te
@@ -1 +1,2 @@ -r_dir_file(hal_graphics_allocator, sysfs_type) +# needed for querySDEInfo +allow hal_graphics_allocator sysfs_mdss_mdp_caps:file r_file_perms;