Merge "init: tighten sysfs_type permissions"

commit: 021344cc512b77fd777ba8828ef07f844a8e226d [log] [tgz]
author: Tri Vo <trong@google.com> Wed Dec 20 17:11:10 2017 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Wed Dec 20 17:11:10 2017 +0000
tree: 3b6828ac42012a9e6aa46ae33805e238e84371ff
parent: 215fb3efe4091d992915d270b72bd83244e88f9b [diff]
parent: 55039509fd5c751f01df9ae7ee96337cd0cab7a2 [diff]
diff --git a/public/init.te b/public/init.te
index 3a2d667..450afd8 100644
--- a/public/init.te
+++ b/public/init.te

@@ -214,7 +214,7 @@
   -contextmount_type
   -proc
   -sdcard_type
-  -sysfs
+  -sysfs_type
   -rootfs
 }:file { open read setattr };
 allow init { fs_type -contextmount_type -sdcard_type -rootfs }:dir  { open read setattr search };
@@ -304,6 +304,10 @@
   sysfs_zram
 }:file w_file_perms;
 
+allow init {
+  sysfs_dt_firmware_android
+}:file r_file_perms;
+
 # init chmod/chown access to /sys files.
 allow init {
   sysfs_android_usb
@@ -312,6 +316,8 @@
   sysfs_leds
   sysfs_lowmemorykiller
   sysfs_power
+  sysfs_vibrator
+  sysfs_wake_lock
 }:file setattr;
 
 # Set usermodehelpers.
commit	021344cc512b77fd777ba8828ef07f844a8e226d	[log] [tgz]
author	Tri Vo <trong@google.com>	Wed Dec 20 17:11:10 2017 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Wed Dec 20 17:11:10 2017 +0000
tree	3b6828ac42012a9e6aa46ae33805e238e84371ff
parent	215fb3efe4091d992915d270b72bd83244e88f9b [diff]
parent	55039509fd5c751f01df9ae7ee96337cd0cab7a2 [diff]