From cd25e765552632d6ba1126d668052e970c97fad5 Mon Sep 17 00:00:00 2001
From: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
Date: Tue, 16 Feb 2016 17:32:25 +0100
Subject: [PATCH] sepolicy: allow bootanim and surfaceflinger execmem and
 access to ashmem

This allows the device to boot with software rendering
using build/target/board/generic/sepolicy as reference

Signed-off-by: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
---
 sepolicy/bootanim.te       | 2 ++
 sepolicy/surfaceflinger.te | 2 ++
 2 files changed, 4 insertions(+)
 create mode 100644 sepolicy/surfaceflinger.te

diff --git a/sepolicy/bootanim.te b/sepolicy/bootanim.te
index 164231b0..8739a870 100644
--- a/sepolicy/bootanim.te
+++ b/sepolicy/bootanim.te
@@ -1,3 +1,5 @@
 # Themed resources (bootanimation)
 allow bootanim theme_data_file:dir search;
 allow bootanim theme_data_file:file r_file_perms;
+allow bootanim self:process execmem;
+allow bootanim ashmem_device:chr_file execute;
\ No newline at end of file
diff --git a/sepolicy/surfaceflinger.te b/sepolicy/surfaceflinger.te
new file mode 100644
index 00000000..4c354697
--- /dev/null
+++ b/sepolicy/surfaceflinger.te
@@ -0,0 +1,2 @@
+allow surfaceflinger self:process execmem;
+allow surfaceflinger ashmem_device:chr_file execute;