Label system_server's dependencies in sysfs. New types: sysfs_android_usb sysfs_ipv4 sysfs_power sysfs_rtc sysfs_switch sysfs_wakeup_reasons Labeled: /sys/class/android_usb, /sys/devices/virtual/android_usb ->sysfs_android_usb /sys/class/rtc -> sysfs_rtc /sys/class/switch, /sys/devices/virtual/switch -> sysfs_switch /sys/power/state, /sys/power/wakeup_count -> sysfs_power /sys/kernel/ipv4 -> sysfs_ipv4 /sys/kernel/wakeup_reasons -> sysfs_wakeup_reasons Removed access to sysfs and sysfs_type from system_server and added appropriate access to new types. Bug: 65643247 Test: sailfish boots without violation from system_server or to new labels. Change-Id: I27250fd537d76c8226defa138d84fe2a4ce2d5d5

commit: 1960215c4981f2d0a67e916fefaf48cc1314efe2 [log] [tgz]
author: Tri Vo <trong@google.com> Mon Oct 09 20:39:34 2017 -0700
committer: Tri Vo <trong@google.com> Thu Oct 12 14:51:20 2017 -0700
tree: b9e26cfb0b72c19b4a5fafe3be3350a9110fc450
parent: 06cef4ff15f58f56d909c618da55fb236b76117a [diff] [blame]
diff --git a/private/genfs_contexts b/private/genfs_contexts
index 563da5d..2cc6f70 100644
--- a/private/genfs_contexts
+++ b/private/genfs_contexts

@@ -60,18 +60,27 @@
 # sysfs labels can be set by userspace.
 genfscon sysfs / u:object_r:sysfs:s0
 genfscon sysfs /devices/system/cpu u:object_r:sysfs_devices_system_cpu:s0
+genfscon sysfs /class/android_usb                 u:object_r:sysfs_android_usb:s0
 genfscon sysfs /class/leds                        u:object_r:sysfs_leds:s0
+genfscon sysfs /class/rtc                         u:object_r:sysfs_rtc:s0
+genfscon sysfs /class/switch                      u:object_r:sysfs_switch:s0
 genfscon sysfs /devices/platform/nfc-power/nfc_power u:object_r:sysfs_nfc_power_writable:s0
+genfscon sysfs /devices/virtual/android_usb     u:object_r:sysfs_android_usb:s0
 genfscon sysfs /devices/virtual/block/dm-       u:object_r:sysfs_dm:s0
 genfscon sysfs /devices/virtual/block/zram0     u:object_r:sysfs_zram:s0
 genfscon sysfs /devices/virtual/block/zram1     u:object_r:sysfs_zram:s0
 genfscon sysfs /devices/virtual/block/zram0/uevent    u:object_r:sysfs_zram_uevent:s0
 genfscon sysfs /devices/virtual/block/zram1/uevent    u:object_r:sysfs_zram_uevent:s0
 genfscon sysfs /devices/virtual/misc/hw_random    u:object_r:sysfs_hwrandom:s0
+genfscon sysfs /devices/virtual/switch          u:object_r:sysfs_switch:s0
 genfscon sysfs /fs/ext4/features                  u:object_r:sysfs_fs_ext4_features:s0
+genfscon sysfs /power/state u:object_r:sysfs_power:s0
+genfscon sysfs /power/wakeup_count u:object_r:sysfs_power:s0
 genfscon sysfs /power/wake_lock u:object_r:sysfs_wake_lock:s0
 genfscon sysfs /power/wake_unlock u:object_r:sysfs_wake_lock:s0
+genfscon sysfs /kernel/ipv4 u:object_r:sysfs_ipv4:s0
 genfscon sysfs /kernel/uevent_helper u:object_r:sysfs_usermodehelper:s0
+genfscon sysfs /kernel/wakeup_reasons u:object_r:sysfs_wakeup_reasons:s0
 genfscon sysfs /module/lowmemorykiller u:object_r:sysfs_lowmemorykiller:s0
 genfscon sysfs /module/wlan/parameters/fwpath u:object_r:sysfs_wlan_fwpath:s0
 genfscon sysfs /devices/virtual/timed_output/vibrator/enable u:object_r:sysfs_vibrator:s0
commit	1960215c4981f2d0a67e916fefaf48cc1314efe2	[log] [tgz]
author	Tri Vo <trong@google.com>	Mon Oct 09 20:39:34 2017 -0700
committer	Tri Vo <trong@google.com>	Thu Oct 12 14:51:20 2017 -0700
tree	b9e26cfb0b72c19b4a5fafe3be3350a9110fc450
parent	06cef4ff15f58f56d909c618da55fb236b76117a [diff] [blame]