projects / GitHub / exynos8895 / android_device_samsung_universal8895-common.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Sepolicy: add more file and device labels and fix denials
[GitHub/exynos8895/android_device_samsung_universal8895-common.git] / sepolicy / system_server.te
diff --git a/sepolicy/system_server.te b/sepolicy/system_server.te
index 685cfced2bb0ba6af349b76ed915b4f72a37b3c3..3a48fdfe22ace8e8c7d543076a593ac4e2e8a3d6 100644 (file)
--- a/sepolicy/system_server.te
+++ b/sepolicy/system_server.te
@@ -1,11 +1,14 @@
-# /sys/kernel/debug/mali/mem
-# allow system_server debugfs:dir { open read };
-# allow system_server debugfs:file { open read };
-
 # /dev/mali0
 allow system_server gpu_device:chr_file { ioctl read write };
 
 # memtrack HAL
-allow system_server debugfs:dir r_dir_perms;
+allow system_server debugfs:dir r_dir_perms;
 allow system_server debugfs_mali:dir r_dir_perms;
 allow system_server debugfs_mali:file r_file_perms;
+
+allow system_server debugfs_ion:dir search;
+allow system_server debugfs_ion:file { getattr open read };
+
+allow system_server debugfs_ion_dma:dir search;
+allow system_server debugfs_mali_mem:dir search;
+allow system_server debugfs_mali_mem:file { getattr open read };