From 3f1d915dbb743b5b90e10a82cbd9b038057ecc2e Mon Sep 17 00:00:00 2001 From: Stricted Date: Tue, 1 May 2018 02:41:43 +0200 Subject: [PATCH] sepolicy: address some nvram_daemon denials Change-Id: I0ad15a06d19b4b69b205d9b28706e4fb59dce79b (cherry picked from commit 9562b311e7e481fe226fb536f97a14a72734d02b) --- sepolicy/nvram_daemon.te | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/sepolicy/nvram_daemon.te b/sepolicy/nvram_daemon.te index dbc31e8..3284798 100644 --- a/sepolicy/nvram_daemon.te +++ b/sepolicy/nvram_daemon.te @@ -28,3 +28,7 @@ unix_socket_connect(nvram_daemon, property, init) allow nvram_daemon sysfs_boot_mode:file { read open }; allow nvram_daemon sysfs:file { write }; allow nvram_daemon system_prop:property_service { set }; + +allow nvram_daemon nvram_device:chr_file { read write open }; +allow nvram_daemon mmc_device:blk_file { read write open }; +allow nvram_daemon proinfo_device:chr_file { read write open ioctl };