SELinux policy: let SurfaceFlinger read /data/local/tmp Change-Id: I9770276c8dec2f71d22ae45e30fdc9c6da3d97b7

commit: 07accf92de3a139833a6377dbe36b772b0c11895 [log] [tgz]
author: Alex Klyubin <klyubin@google.com> Mon May 13 13:45:32 2013 -0700
committer: Alex Klyubin <klyubin@google.com> Mon May 13 13:45:32 2013 -0700
tree: f64df8d88aa9c142f68ff473e3f94dfcc402876e
parent: e45a47104a38d0729d60cf3aa70df603b7eddac6 [diff]
diff --git a/sepolicy/surfaceflinger.te b/sepolicy/surfaceflinger.te
index 00b2811..787432d 100644
--- a/sepolicy/surfaceflinger.te
+++ b/sepolicy/surfaceflinger.te

@@ -2,3 +2,8 @@
 allow surfaceflinger gpu_device:chr_file rw_file_perms;
 
 allow surfaceflinger sysfs:file rw_file_perms;
+
+# Read from /data/local/tmp
+allow surfaceflinger shell_data_file:dir search;
+allow surfaceflinger shell_data_file:file { open getattr read };
+allow surfaceflinger shell_data_file:lnk_file read;
commit	07accf92de3a139833a6377dbe36b772b0c11895	[log] [tgz]
author	Alex Klyubin <klyubin@google.com>	Mon May 13 13:45:32 2013 -0700
committer	Alex Klyubin <klyubin@google.com>	Mon May 13 13:45:32 2013 -0700
tree	f64df8d88aa9c142f68ff473e3f94dfcc402876e
parent	e45a47104a38d0729d60cf3aa70df603b7eddac6 [diff]