sepolicy_vndr: Restrict access to /sys/devices/soc0/serial_numberuminekotachibana-mr1

Change-Id: I6254ef6e160ff0d3c3ce2e51f20f557e75826dff

2 files changed, 2 insertions, 0 deletions

diff --git a/generic/vendor/common/file.te b/generic/vendor/common/file.te
index db807b84..1ffb5a50 100644
--- a/generic/vendor/common/file.te
+++ b/generic/vendor/common/file.te
@@ -90,6 +90,7 @@ type vendor_sysfs_msm_subsys_restart, sysfs_type, fs_type;
 type vendor_sysfs_sensors, sysfs_type, fs_type;
 type vendor_sysfs_sectouch, sysfs_type, fs_type;
 type vendor_sysfs_soc, sysfs_type, fs_type;
+type vendor_sysfs_soc_sensitive, sysfs_type, fs_type;
 type vendor_sysfs_public, sysfs_type, fs_type;
 type vendor_sysfs_scsi_host, fs_type, sysfs_type;
 type vendor_sysfs_scsi_target, fs_type, sysfs_type;
diff --git a/generic/vendor/common/genfs_contexts b/generic/vendor/common/genfs_contexts
index 4f199c61..fae593a6 100644
--- a/generic/vendor/common/genfs_contexts
+++ b/generic/vendor/common/genfs_contexts
@@ -115,6 +115,7 @@ genfscon sysfs /devices/virtual/graphics/fb0                            u:object
 genfscon sysfs /devices/virtual/graphics/fb1                            u:object_r:vendor_sysfs_graphics:s0
 genfscon sysfs /devices/soc/8c0000.qcom,msm-cam                         u:object_r:vendor_sysfs_camera:s0
 genfscon sysfs /devices/soc0                                            u:object_r:vendor_sysfs_soc:s0
+genfscon sysfs /devices/soc0/serial_number                              u:object_r:vendor_sysfs_soc_sensitive:s0
 genfscon sysfs /devices/soc0/soc_id                                     u:object_r:vendor_sysfs_public:s0
 genfscon sysfs /devices/system/soc/soc0/id                              u:object_r:vendor_sysfs_public:s0
 genfscon sysfs /devices/soc0/family                                     u:object_r:vendor_sysfs_public:s0