NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
android_device_mediatek_sep.../prebuilts/api/26.0/plat_private/kisd.te

32 lines
1.3 KiB
Plaintext
Raw Normal View History

import from mediatek/master to mediatek/alps-mp-o1.mp1 Change-Id: Ic78db8195c5c51f85c9c6fd3ef8333489afd6e79 MTK-Commit-Id: 848bf57127be9d01fd1df4aab95737855456afee
2020-01-18 09:29:32 +08:00
# ==============================================
[ALPS03853366] Fix kisd sepolicy issue for android p[1/3] [Detail] Move kisd from system to vendor and add keymanage hidl [Solution] Modify related sepolicy in device/mediatek/sepolicy/basic MTK-Commit-Id: c1826ac0bdcc18a4e6d3298e73514801a35a09ad Change-Id: Iee4b65ba5addc5a21de53e76d3bb092e2f37ab01 CR-Id: ALPS03853366 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
2020-01-18 09:45:51 +08:00
# Policy File of /vendor/bin/kisd Executable File
import from mediatek/master to mediatek/alps-mp-o1.mp1 Change-Id: Ic78db8195c5c51f85c9c6fd3ef8333489afd6e79 MTK-Commit-Id: 848bf57127be9d01fd1df4aab95737855456afee
2020-01-18 09:29:32 +08:00
# ==============================================
# Type Declaration
# ==============================================
[ALPS03853366] Fix kisd sepolicy issue for android p[1/3] [Detail] Move kisd from system to vendor and add keymanage hidl [Solution] Modify related sepolicy in device/mediatek/sepolicy/basic MTK-Commit-Id: c1826ac0bdcc18a4e6d3298e73514801a35a09ad Change-Id: Iee4b65ba5addc5a21de53e76d3bb092e2f37ab01 CR-Id: ALPS03853366 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
2020-01-18 09:45:51 +08:00
type kisd_exec, exec_type, file_type, vendor_file_type;
typeattribute kisd mlstrustedsubject;
import from mediatek/master to mediatek/alps-mp-o1.mp1 Change-Id: Ic78db8195c5c51f85c9c6fd3ef8333489afd6e79 MTK-Commit-Id: 848bf57127be9d01fd1df4aab95737855456afee
2020-01-18 09:29:32 +08:00
# ==============================================
# MTK Policy Rule
# ==============================================
init_daemon_domain(kisd)
allow kisd tee_device:chr_file {read write open ioctl};
allow kisd provision_file:dir {read write open ioctl add_name search remove_name};
allow kisd provision_file:file {create read write open getattr unlink};
[ALPS04239425] Sepolicy: fix undefined type declration [Detail] Unknown type:untrusted_v2_app,alarm_device,qtaguid_proc,mtd_device Duplicated type:proc_slabinfo MTK-Commit-Id: 11ccfcffb994452eb58a697e94a8da748ac73933 Change-Id: I2e847041d14d6b6613044cfaa98f242b7fd9381a CR-Id: ALPS04239425 Feature: Build System
2020-01-18 10:08:05 +08:00
#allow kisd system_file:file {execute_no_trans};
import from mediatek/master to mediatek/alps-mp-o1.mp1 Change-Id: Ic78db8195c5c51f85c9c6fd3ef8333489afd6e79 MTK-Commit-Id: 848bf57127be9d01fd1df4aab95737855456afee
2020-01-18 09:29:32 +08:00
allow kisd block_device:dir {read write open ioctl search};
allow kisd kb_block_device:blk_file {read write open ioctl getattr};
allow kisd dkb_block_device:blk_file {read write open ioctl getattr};
allow kisd key_install_data_file:dir {write remove_name add_name};
allow kisd key_install_data_file:file {write getattr read create unlink open};
allow kisd key_install_data_file:dir search;
allow kisd mtd_device:chr_file { open read write };
allow kisd mtd_device:dir { search };
allow kisd kb_block_device:chr_file {read write open ioctl getattr};
allow kisd dkb_block_device:chr_file {read write open ioctl getattr};
Reference in New Issue Copy Permalink