54 lines
1.6 KiB
Plaintext
54 lines
1.6 KiB
Plaintext
# ==============================================
|
|
# Common SEPolicy Rule
|
|
# ==============================================
|
|
|
|
# Date: W18.32
|
|
# Operation : dontaudit writing to timerslack_ns
|
|
dontaudit system_server appdomain:file w_file_perms;
|
|
allow system_server ota_package_file:dir getattr;
|
|
|
|
# Purpose: receive dropbox message
|
|
allow system_server crash_dump:fifo_file w_file_perms;
|
|
allow system_server crash_dump:fd use;
|
|
|
|
# Property service.
|
|
set_prop(system_server, ctl_bootanim_prop)
|
|
|
|
# Date : WK16.36
|
|
# Purpose: Allow to set property log.tag.WifiHW to control log level of WifiHW
|
|
set_prop(system_server, log_tag_prop)
|
|
|
|
# Fix bootup violation
|
|
get_prop(system_server, wifi_prop)
|
|
|
|
#Date:2019/10/09
|
|
#Operation:Q Migration
|
|
get_prop(system_server, system_mtk_debug_bq_dump_prop)
|
|
|
|
#Date:2019/10/10
|
|
#Operation:Q Migration
|
|
allow system_server mddb_filter_data_file:dir getattr;
|
|
|
|
allow system_server netdiag:fd use;
|
|
|
|
#Date :2020/10/19
|
|
#Operation : Allow system server to kill dex2oat
|
|
allow system_server dex2oat:process sigkill;
|
|
|
|
#Date:2021/9/22
|
|
# Allow system server to get pgid
|
|
allow system_server rs:process getpgid;
|
|
allow system_server webview_zygote:process getpgid;
|
|
allow system_server netd:process setsched;
|
|
allow system_server keystore:process setsched;
|
|
allow system_server audioserver_tmpfs:file write;
|
|
#Date:2021/10/13
|
|
# neverallow system server to kill process
|
|
dontaudit system_server mediaserver:process sigkill;
|
|
dontaudit system_server netd:process sigkill;
|
|
dontaudit system_server keystore:process sigkill;
|
|
|
|
#support system server domain do ioctl
|
|
allow system_server system_mtk_pmb_file:file ioctl;
|
|
allowxperm system_server system_mtk_pmb_file:file ioctl FS_IOC_MEASURE_VERITY;
|