SEAndroid: Add policies for ADSP devices.

sepolicy for adsp devices. Change-Id: Ic45d358865271648cc0c3b7c2c64ea4b0dfd4636
2014-05-13 20:26:21 -07:00
parent efbd86ae56
commit 487ec21272
3 changed files with 9 additions and 0 deletions
--- a/app.te
+++ b/app.te
@@ -4,3 +4,6 @@ allow appdomain gpu_device:chr_file rw_file_perms;

 # allow application to access cnd domain and socket
 unix_socket_connect(appdomain, cnd, cnd)
+
+#Allow all apps to open and send ioctl to qdsp device
+allow appdomain qdsp_device:chr_file { ioctl open };
--- a/device.te
+++ b/device.te
@@ -17,3 +17,6 @@ type subsys_esoc0_device, dev_type;

 #Define thermal-engine devices
 type thermal_device, dev_type;
+
+#Add qdsp_device type
+type qdsp_device, dev_type;
--- a/3
+++ b/3
@@ -108,3 +108,6 @@
 /dev/socket/thermal-send-client                          u:object_r:thermal_socket:s0
 /dev/socket/thermal-recv-client                          u:object_r:thermal_socket:s0
 /dev/socket/thermal-recv-passive-client                  u:object_r:thermal_socket:s0
+
+#Add context for adsp device
+/dev/adsprpc-smd u:object_r:qdsp_device:s0