xiaomi-unicorn1/android_device_qcom_sepolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

sepolicy : removed wfdservice access to tee_device

Browse Source 
Based on the  b/120243891 tee_device are not allowed to access
by coredomains (in full treble enabled devices) so removed
the access in wfdservice.te

Change-Id: I6608e08ac8ead3f4823b5443e86d937bd2b472ca
This commit is contained in:
Ravi Kumar Siddojigari
2019-02-18 12:29:55 +05:30
parent d5df8025f1
commit ca429c825f
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
qva/private/wfdservice.te
View File

@@ -75,8 +75,10 @@ unix_socket_connect(wfdservice, property, init);
allow wfdservice video_device:chr_file rw_file_perms;
allow wfdservice video_device:dir r_dir_perms;
#TODO: Need to check on how to address this
# keeping this line commented to keep track
#Allow access to tee device for HDCP sessions
allow wfdservice tee_device:chr_file rw_file_perms;
#allow wfdservice tee_device:chr_file rw_file_perms;
#Allow access to uhid driver for HID event injection
allow wfdservice uhid_device:chr_file rw_file_perms;