diff options
author | Amit Pundir <amit.pundir@linaro.org> | 2018-06-13 16:20:56 +0530 |
---|---|---|
committer | Amit Pundir <amit.pundir@linaro.org> | 2018-06-13 16:29:46 +0530 |
commit | 959179e90cb9b8280adc455358b6d6afa9ae5a64 (patch) | |
tree | e93421aa084b6a8acb9a28ee32c7e2614abb7f52 | |
parent | b3e2cf94a19c1533947b0eabda6dcf072bd381b9 (diff) |
selinux: Remove hal_configstore_ISurfaceFlingerConfigs policy
Remove hal_configstore_ISurfaceFlingerConfigs:hwservice_manager
policy which is no longer allowed and break our builds.
------------->8-------------
FAILED: out/target/product/db820c/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows
/bin/bash -c "(rm -f out/target/product/db820c/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows ) \
&& (ASAN_OPTIONS=detect_leaks=0 out/host/linux-x86/bin/checkpolicy -M -c 30 -o \
out/target/product/db820c/obj/ETC/sepolicy_neverallows_intermediates/sepolicy_neverallows \
out/target/product/db820c/obj/ETC/sepolicy_neverallows_intermediates/policy.conf )"
libsepol.report_failure: neverallow on line 4 of system/sepolicy/public/hal_configstore.te \
(or line 14097 of policy.conf) violated by allow hal_graphics_composer_default hal_configstore_ISurfaceFlingerConfigs:hwservice_manager { find };
libsepol.check_assertions: 1 neverallow failures occurred
-------------8<-------------
Change-Id: Ie9e6804cb255f2d6afbc297fe9b8e9dca1b4935d
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
-rw-r--r-- | sepolicy/hal_graphics_composer_default.te | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/sepolicy/hal_graphics_composer_default.te b/sepolicy/hal_graphics_composer_default.te index 54f8137..7a0e52d 100644 --- a/sepolicy/hal_graphics_composer_default.te +++ b/sepolicy/hal_graphics_composer_default.te @@ -8,5 +8,4 @@ allow hal_graphics_composer_default gpu_device:chr_file { getattr ioctl open rea allow hal_graphics_composer_default sysfs_mdss:file { getattr open read }; allow hal_graphics_composer_default sysfs_mdss:dir search; allow hal_graphics_composer_default hal_configstore_default:binder call; -allow hal_graphics_composer_default hal_configstore_ISurfaceFlingerConfigs:hwservice_manager find; allow hal_graphics_composer_default vndbinder_device:chr_file { ioctl map open read write }; |