am abc1855b: tee.te: set persist_path permission

* commit 'abc1855b0386eee4704b34551cb87021e12145fa': tee.te: set persist_path permission
author: Mekala Natarajan <mekalan@codeaurora.org> 2014-08-20 09:12:51 +0000
committer: Android Git Automerger <android-git-automerger@android.com> 2014-08-20 09:12:51 +0000
commit: b4099ccd28174f533b88b68cc2483352d0c20307 (patch)
tree: 223f0f7dd64f5a8670310f56bfb524a81847732f
parent: 89a1a4edf4863e2778d7e800ffbbd714e8ecd38f (diff)
parent: abc1855b0386eee4704b34551cb87021e12145fa (diff)
download: mako-b4099ccd28174f533b88b68cc2483352d0c20307.tar.gz
2 files changed, 5 insertions, 6 deletions
diff --git a/init.mako.rc b/init.mako.rc
index ab427fd..85babc8 100644
--- a/init.mako.rc
+++ b/init.mako.rc
@@ -416,9 +416,9 @@ service bugreport /system/bin/dumpstate -d -p -B \
     keycodes 114 115 116
 
 service qseecomd /system/bin/qseecomd
-    class late_start
-    user system
-    group system
+    class core
+    user root
+    group root
 
 service diag_mdlog /system/bin/diag_mdlog -s 100
     class late_start
diff --git a/sepolicy/tee.te b/sepolicy/tee.te
index 44603a9..7547cab 100644
--- a/sepolicy/tee.te
+++ b/sepolicy/tee.te
@@ -10,6 +10,5 @@ allow tee drm_data_file:dir create_dir_perms;
 allow tee drm_data_file:file create_file_perms;
 
 # Access /persist/{widevine,playready}
-allow tee persist_file:dir search;
-allow tee persist_drm_file:dir r_dir_perms;
-allow tee persist_drm_file:file r_file_perms;
+allow tee persist_file:dir { add_name create_dir_perms };
+allow tee persist_file:file create_file_perms;
author	Mekala Natarajan <mekalan@codeaurora.org>	2014-08-20 09:12:51 +0000
committer	Android Git Automerger <android-git-automerger@android.com>	2014-08-20 09:12:51 +0000
commit	b4099ccd28174f533b88b68cc2483352d0c20307 (patch)
tree	223f0f7dd64f5a8670310f56bfb524a81847732f
parent	89a1a4edf4863e2778d7e800ffbbd714e8ecd38f (diff)
parent	abc1855b0386eee4704b34551cb87021e12145fa (diff)
download	mako-b4099ccd28174f533b88b68cc2483352d0c20307.tar.gz