sepolicy: Cleanup and cosmetic changes
cherry-picked from upstream device/linaro/dragonboard project.
No functional changes. Renamed few labels and
removed older kernel support.
Earlier I named few framework sysfs labels
based on the execs accessing those sysfs
entries.
For example:
/sys/class/remoteproc u:object_r:sysfs_tqftpserv:s0
just because tqftpserv was the only binary
which needed access of remoteproc sysfs.
That was short sighted and I try to fix some
of such cosmetic mistakes in this patch.
All the remoteproc sysfs entries (adsp/cdsp)
are labeled as sysfs_remoteproc.
Also removed few sysfs entries needed to
bring display on obsolete v5.3 and older
kernels.
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Change-Id: I9b09be07d9f74708a6be89408b565dde7c184dfd
diff --git a/sepolicy/rmtfs.te b/sepolicy/rmtfs.te
index fff2e64..7cef38f 100644
--- a/sepolicy/rmtfs.te
+++ b/sepolicy/rmtfs.te
@@ -8,6 +8,8 @@
allow rmtfs rmtfs_device:chr_file { open read write };
allow rmtfs self:capability net_admin;
allow rmtfs self:qipcrtr_socket { bind create getattr read setopt write };
-allow rmtfs sysfs_rmtfs:dir { open read search};
-allow rmtfs sysfs_rmtfs:file r_file_perms;
-allow rmtfs sysfs_rmtfs:file write;
+allow rmtfs sysfs_mss:dir { open read search };
+allow rmtfs sysfs_remoteproc:dir { open read search };
+allow rmtfs sysfs_remoteproc:file { open write };
+allow rmtfs sysfs_rmtfs:dir search;
+allow rmtfs sysfs_rmtfs:file { open read };