diff options
author | John Stultz <john.stultz@linaro.org> | 2019-10-25 04:40:29 +0000 |
---|---|---|
committer | John Stultz <john.stultz@linaro.org> | 2019-10-25 04:40:29 +0000 |
commit | c23e5e62a47a3509df191ae42a2d3547a02927b9 (patch) | |
tree | 8080c28a06af52bf28799c3f80aa1bcfd3dba0c7 | |
parent | 092e043238e38b95af737eadb3bbb4a10427a1c0 (diff) |
db845c: sepolicy: Add some kernel sepolicy rules to allow firmware loading
Previously we were seeing issues w/ firmware loading due to sepolicy
blocking the in-kernel loader from accessing /vendor/firmware files
This patch adds some sepolicy additions suggested by audit2allow
that let it work.
Change-Id: Ie7238a2ae30d1377dcd73a6c194f0017989006bf
Signed-off-by: John Stultz <john.stultz@linaro.org>
-rw-r--r-- | sepolicy/kernel.te | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/sepolicy/kernel.te b/sepolicy/kernel.te index 46bfee5..3fad122 100644 --- a/sepolicy/kernel.te +++ b/sepolicy/kernel.te @@ -3,3 +3,5 @@ allow kernel device:chr_file { create setattr }; allow kernel device:dir { add_name create write }; allow kernel self:capability mknod; allow kernel vendor_file:file { open read }; +allow kernel self:system module_request; +allow vendor_init kernel:system module_request; |