sepolicy: add rules to connect to ims_socket

Add rules for imshelper_App to write and connect to ims_socket. Change-Id: I0ec8c0708abfcc22bf7fce8ea70c4ef4a98c16e4
2019-03-26 15:20:35 +05:30
parent 8dcdfe73fa
commit 77613ff04b
5 changed files with 7 additions and 7 deletions
--- a/generic/vendor/common/file.te
+++ b/generic/vendor/common/file.te
@@ -94,6 +94,9 @@ type hal_bootctl_socket, file_type;
 type location_socket, file_type;
 type pps_socket, file_type;

+# imshelper_app file types
+type imshelper_app_data_file, file_type, data_file_type;
+
 type firmware_file, file_type, contextmount_type, vendor_file_type;

 type cnd_data_file, file_type, data_file_type;
--- a/generic/vendor/common/imshelper_app.te
+++ b/generic/vendor/common/imshelper_app.te
@@ -33,4 +33,4 @@ allow imshelper_app app_api_service:service_manager find;
 #allow qsee_svc_app imshelper_app_data_file:dir create_dir_perms;
 #allow qsee_svc_app imshelper_app_data_file:file create_file_perms;

-allow imshelper_app system_app_data_file:dir { getattr search };
+allow imshelper_app system_app_data_file:dir { getattr search };
--- a/generic/vendor/common/seapp_contexts
+++ b/generic/vendor/common/seapp_contexts
@@ -36,5 +36,8 @@ user=_app seinfo=platform name=com.qualcomm.telephony domain=qtelephony type=app
 #add new domain for qtidataservices
 user=radio seinfo=platform name=.qtidataservices domain=qtidataservices_app type=radio_data_file

+#Add new domain for imshelper service
+user=radio seinfo=platform name=.imshelperservice domain=imshelper_app type=imshelper_app_data_file
+
 #Add new domain for power off alarm app
 user=system seinfo=platform name=com.qualcomm.qti.poweroffalarm domain=poweroffalarm_app type=system_app_data_file
--- a/generic/vendor/test/file.te
+++ b/generic/vendor/test/file.te
@@ -25,9 +25,6 @@
 # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

-# imshelper_app file types
-type imshelper_app_data_file, file_type, data_file_type;
-
 # kgsl snapshot file type for sysfs access
 type sysfs_kgsl_snapshot, sysfs_type, fs_type;

--- a/generic/vendor/test/seapp_contexts
+++ b/generic/vendor/test/seapp_contexts
@@ -33,6 +33,3 @@ user=system seinfo=platform name=com.qualcomm.qti.usta domain=usta_app type=syst

 #Add new domain for qsta app
 user=system seinfo=platform name=com.qualcomm.qti.sensors.qsensortest domain=qsta_app type=system_app_data_file
-
-#Add new domain for imshelper service
-user=system seinfo=platform name=.imshelperservice domain=imshelper_app type=imshelper_app_data_file