Replace unix_socket_connect() and explicit property sets with macro
A common source of mistakes when authoring sepolicy is properly setting up property sets. This is a 3 part step of: 1. Allowing the unix domain connection to the init/property service 2. Allowing write on the property_socket file 3. Allowing the set on class property_service The macro unix_socket_connect() handled 1 and 2, but could be confusing for first time policy authors. 3 had to be explicitly added. To correct this, we introduce a new macros: set_prop(sourcedomain, targetprop) This macro handles steps 1, 2 and 3. No difference in sediff is expected. (cherrypicked from commit 625a3526) Change-Id: I630ba0178439c935d08062892990d43a3cc1239e Signed-off-by:William Roberts <william.c.roberts@linux.intel.com>
Showing
- adbd.te 3 additions, 4 deletionsadbd.te
- bluetooth.te 3 additions, 6 deletionsbluetooth.te
- dhcp.te 3 additions, 3 deletionsdhcp.te
- healthd.te 1 addition, 2 deletionshealthd.te
- mediaserver.te 2 additions, 2 deletionsmediaserver.te
- netd.te 3 additions, 4 deletionsnetd.te
- nfc.te 1 addition, 2 deletionsnfc.te
- radio.te 4 additions, 7 deletionsradio.te
- recovery.te 2 additions, 3 deletionsrecovery.te
- rild.te 3 additions, 4 deletionsrild.te
- shell.te 4 additions, 5 deletionsshell.te
- surfaceflinger.te 2 additions, 5 deletionssurfaceflinger.te
- system_app.te 6 additions, 7 deletionssystem_app.te
- system_server.te 10 additions, 11 deletionssystem_server.te
- te_macros 20 additions, 0 deletionste_macros
- uncrypt.te 1 addition, 2 deletionsuncrypt.te
- vold.te 3 additions, 6 deletionsvold.te
Loading
Please register or sign in to comment