Merge "[ALPS03909621] Move meta_tst" into alps-trunk-p0.basic
Change-Id: I8bf77adeabb1e8c9cb670d08f2e9c7547e3545c7 MTK-Commit-Id: 2d248dc848d56e791912f2ca6c3d17650b1e558f
This commit is contained in:
Dian Wang
Gerrit Code Review
commit
39aae26920
@ -538,7 +538,8 @@
|
|||||||
/(system\/vendor|vendor)/bin/thermal_manager u:object_r:thermal_manager_exec:s0
|
/(system\/vendor|vendor)/bin/thermal_manager u:object_r:thermal_manager_exec:s0
|
||||||
/(system\/vendor|vendor)/bin/thermalloadalgod u:object_r:thermalloadalgod_exec:s0
|
/(system\/vendor|vendor)/bin/thermalloadalgod u:object_r:thermalloadalgod_exec:s0
|
||||||
/(system\/vendor|vendor)/bin/lbs_hidl_service u:object_r:lbs_hidl_service_exec:s0
|
/(system\/vendor|vendor)/bin/lbs_hidl_service u:object_r:lbs_hidl_service_exec:s0
|
||||||
|
/(system\/vendor|vendor)/bin/meta_tst u:object_r:meta_tst_exec:s0
|
||||||
|
/(system\/vendor|vendor)/bin/pre_meta u:object_r:pre_meta_exec:s0
|
||||||
/(system\/vendor|vendor)/bin/wmt_loader u:object_r:wmt_loader_exec:s0
|
/(system\/vendor|vendor)/bin/wmt_loader u:object_r:wmt_loader_exec:s0
|
||||||
/(system\/vendor|vendor)/bin/spm_loader u:object_r:spm_loader_exec:s0
|
/(system\/vendor|vendor)/bin/spm_loader u:object_r:spm_loader_exec:s0
|
||||||
/(system\/vendor|vendor)/bin/ccci_mdinit u:object_r:ccci_mdinit_exec:s0
|
/(system\/vendor|vendor)/bin/ccci_mdinit u:object_r:ccci_mdinit_exec:s0
|
||||||
|
|||||||
@ -1,5 +1,14 @@
|
|||||||
# ==============================================
|
# ==============================================
|
||||||
# Policy File of /system/bin/meta_tst Executable File
|
# Policy File of /vendor/bin/meta_tst Executable File
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# ==============================================
|
||||||
|
# Type Declaration
|
||||||
|
# ==============================================
|
||||||
|
type meta_tst, domain;
|
||||||
|
type meta_tst_exec , exec_type, file_type, vendor_file_type;
|
||||||
|
init_daemon_domain(meta_tst)
|
||||||
|
|
||||||
# ==============================================
|
# ==============================================
|
||||||
# MTK Policy Rule
|
# MTK Policy Rule
|
||||||
@ -152,7 +161,7 @@ allow meta_tst mt6605_device:chr_file rw_file_perms;
|
|||||||
#Date WK14.49
|
#Date WK14.49
|
||||||
#Operation : Migration
|
#Operation : Migration
|
||||||
#Purpose : DRM key installation
|
#Purpose : DRM key installation
|
||||||
allow meta_tst shell_exec:file rx_file_perms;
|
#allow meta_tst shell_exec:file rx_file_perms;
|
||||||
allow meta_tst system_data_file:dir create;
|
allow meta_tst system_data_file:dir create;
|
||||||
allow meta_tst key_install_data_file:dir w_dir_perms;
|
allow meta_tst key_install_data_file:dir w_dir_perms;
|
||||||
allow meta_tst key_install_data_file:file create_file_perms;
|
allow meta_tst key_install_data_file:file create_file_perms;
|
||||||
@ -166,7 +175,7 @@ allow meta_tst proc_lk_env:file rw_file_perms;
|
|||||||
allow meta_tst block_device:blk_file getattr;
|
allow meta_tst block_device:blk_file getattr;
|
||||||
allow meta_tst system_block_device:blk_file getattr;
|
allow meta_tst system_block_device:blk_file getattr;
|
||||||
#allow meta_tst fuse_device:chr_file getattr;
|
#allow meta_tst fuse_device:chr_file getattr;
|
||||||
allow meta_tst shell_exec:file r_file_perms;
|
#allow meta_tst shell_exec:file r_file_perms;
|
||||||
|
|
||||||
# Date: WK15.52
|
# Date: WK15.52
|
||||||
# Purpose : NVRAM related LID
|
# Purpose : NVRAM related LID
|
||||||
@ -216,7 +225,7 @@ allow meta_tst gsm0710muxd_device:chr_file rw_file_perms;
|
|||||||
|
|
||||||
# Date: WK16.20
|
# Date: WK16.20
|
||||||
# Purpose: meta_tst set sys.usb.config
|
# Purpose: meta_tst set sys.usb.config
|
||||||
set_prop(meta_tst, system_radio_prop);
|
#set_prop(meta_tst, system_radio_prop);
|
||||||
|
|
||||||
#Date: W16.33
|
#Date: W16.33
|
||||||
# Purpose: N Migration For CCT
|
# Purpose: N Migration For CCT
|
||||||
@ -240,31 +249,9 @@ allow meta_tst nvcfg_file:dir { search read open };
|
|||||||
#Date: W16.45
|
#Date: W16.45
|
||||||
# Purpose : Allow unmount sdcardfs mounted on /data/media
|
# Purpose : Allow unmount sdcardfs mounted on /data/media
|
||||||
allow meta_tst sdcard_type:filesystem unmount;
|
allow meta_tst sdcard_type:filesystem unmount;
|
||||||
allow meta_tst toolbox_exec:file { getattr execute execute_no_trans read open };
|
#allow meta_tst toolbox_exec:file { getattr execute execute_no_trans read open };
|
||||||
allow meta_tst storage_stub_file:dir search;
|
allow meta_tst storage_stub_file:dir search;
|
||||||
|
|
||||||
# Date: WK16.16
|
|
||||||
# Purpose: support meta mode wifi on
|
|
||||||
allow meta_tst self:netlink_route_socket { bind create getattr write nlmsg_read read nlmsg_write };
|
|
||||||
#allow meta_tst self:packet_socket { bind create write read ioctl };
|
|
||||||
#allow meta_tst net_wlan_dns_prop:property_service set;
|
|
||||||
allow meta_tst self:capability { setgid setuid };
|
|
||||||
allow meta_tst self:packet_socket create_socket_perms_no_ioctl;
|
|
||||||
allow meta_tst self:capability { setgid setuid sys_module sys_time};
|
|
||||||
#allow meta_tst wpa_exec:file getattr;
|
|
||||||
allow meta_tst wifi_data_file:dir create_dir_perms;
|
|
||||||
allow meta_tst wifi_data_file:sock_file create_file_perms;
|
|
||||||
#allow meta_tst wpa_exec:file rx_file_perms;
|
|
||||||
#allow meta_tst wpa_socket:dir create_dir_perms;
|
|
||||||
#allow meta_tst wpa_socket:sock_file create_file_perms;
|
|
||||||
allow meta_tst self:netlink_socket create_socket_perms_no_ioctl;
|
|
||||||
allow meta_tst self:rawip_socket create;
|
|
||||||
allow meta_tst self:udp_socket create_socket_perms_no_ioctl;
|
|
||||||
allow meta_tst self:rawip_socket create_socket_perms_no_ioctl;
|
|
||||||
allow meta_tst proc_ged:file r_file_perms;
|
|
||||||
allowxperm meta_tst self:udp_socket ioctl {SIOCSIFFLAGS SIOCGIFCONF SIOCIWFIRSTPRIV_08 SIOCIWFIRSTPRIV_09};
|
|
||||||
allow meta_tst meta_tst:netlink_generic_socket { read write getattr bind create setopt };
|
|
||||||
|
|
||||||
# Date : WK16.19
|
# Date : WK16.19
|
||||||
# Operation: meta_tst set persist.meta.connecttype property
|
# Operation: meta_tst set persist.meta.connecttype property
|
||||||
# Purpose: Switch meta connect type, set persist.meta.connecttype as "wifi" or "usb".
|
# Purpose: Switch meta connect type, set persist.meta.connecttype as "wifi" or "usb".
|
||||||
@ -321,11 +308,11 @@ allow meta_tst mddb_data_file:dir { search write add_name create getattr read op
|
|||||||
|
|
||||||
# Date: W17.43
|
# Date: W17.43
|
||||||
# Purpose : meta connect with mdlogger by socket.
|
# Purpose : meta connect with mdlogger by socket.
|
||||||
allow meta_tst emdlogger:unix_stream_socket connectto;
|
#allow meta_tst emdlogger:unix_stream_socket connectto;
|
||||||
|
|
||||||
# Date: W17.43
|
# Date: W17.43
|
||||||
# Purpose : meta connect with mobilelog by socket.
|
# Purpose : meta connect with mobilelog by socket.
|
||||||
allow meta_tst mobile_log_d:unix_stream_socket connectto;
|
#allow meta_tst mobile_log_d:unix_stream_socket connectto;
|
||||||
|
|
||||||
# Date: W17.43
|
# Date: W17.43
|
||||||
# Purpose : meta access mobile log.
|
# Purpose : meta access mobile log.
|
||||||
|
|||||||
@ -2,5 +2,12 @@
|
|||||||
# MTK Policy Rule
|
# MTK Policy Rule
|
||||||
# ==============================================
|
# ==============================================
|
||||||
|
|
||||||
|
# ==============================================
|
||||||
|
# Type Declaration
|
||||||
|
# ==============================================
|
||||||
|
type pre_meta, domain;
|
||||||
|
type pre_meta_exec , exec_type, file_type, vendor_file_type;
|
||||||
|
init_daemon_domain(pre_meta)
|
||||||
|
|
||||||
allow pre_meta proc_lk_env:file rw_file_perms;
|
allow pre_meta proc_lk_env:file rw_file_perms;
|
||||||
allow pre_meta para_block_device:blk_file rw_file_perms;set_prop(meta_tst, powerctl_prop);
|
allow pre_meta para_block_device:blk_file rw_file_perms;set_prop(meta_tst, powerctl_prop);
|
||||||
@ -22,10 +22,8 @@
|
|||||||
/system/bin/aee_aed64 u:object_r:aee_aed_exec:s0
|
/system/bin/aee_aed64 u:object_r:aee_aed_exec:s0
|
||||||
/system/bin/aee_dumpstate u:object_r:dumpstate_exec:s0
|
/system/bin/aee_dumpstate u:object_r:dumpstate_exec:s0
|
||||||
/system/bin/audiocmdservice_atci u:object_r:audiocmdservice_atci_exec:s0
|
/system/bin/audiocmdservice_atci u:object_r:audiocmdservice_atci_exec:s0
|
||||||
/system/bin/meta_tst u:object_r:meta_tst_exec:s0
|
|
||||||
/(system\/vendor|vendor)/bin/kisd u:object_r:kisd_exec:s0
|
/(system\/vendor|vendor)/bin/kisd u:object_r:kisd_exec:s0
|
||||||
/system/bin/factory u:object_r:factory_exec:s0
|
/system/bin/factory u:object_r:factory_exec:s0
|
||||||
/system/bin/pre_meta u:object_r:pre_meta_exec:s0
|
|
||||||
|
|
||||||
# google suggest that move aee_aedv_exec to platform @google_issue_id:64130120
|
# google suggest that move aee_aedv_exec to platform @google_issue_id:64130120
|
||||||
/(system\/vendor|vendor)/bin/aee_aedv u:object_r:aee_aedv_exec:s0
|
/(system\/vendor|vendor)/bin/aee_aedv u:object_r:aee_aedv_exec:s0
|
||||||
|
|||||||
@ -1,47 +0,0 @@
|
|||||||
# ==============================================
|
|
||||||
# Policy File of /system/bin/meta_tst Executable File
|
|
||||||
|
|
||||||
|
|
||||||
# ==============================================
|
|
||||||
# Type Declaration
|
|
||||||
# ==============================================
|
|
||||||
|
|
||||||
type meta_tst_exec , exec_type, file_type;
|
|
||||||
typeattribute meta_tst coredomain;
|
|
||||||
|
|
||||||
# ==============================================
|
|
||||||
# MTK Policy Rule
|
|
||||||
# ==============================================
|
|
||||||
|
|
||||||
init_daemon_domain(meta_tst)
|
|
||||||
|
|
||||||
# Date : WK16.12
|
|
||||||
# Operation : Migration
|
|
||||||
# Purpose : for meta mode driver module operation
|
|
||||||
#============= meta_tst =========================
|
|
||||||
|
|
||||||
allow meta_tst port:tcp_socket { name_connect name_bind };
|
|
||||||
#allow meta_tst self:capability { net_raw chown fsetid sys_nice net_admin fowner dac_override sys_admin };
|
|
||||||
allow meta_tst self:tcp_socket { create connect setopt bind };
|
|
||||||
allow meta_tst self:tcp_socket { bind setopt listen accept read write };
|
|
||||||
allow meta_tst self:udp_socket { create ioctl };
|
|
||||||
allow meta_tst self:capability { sys_boot ipc_lock };
|
|
||||||
allow meta_tst sysfs_wake_lock:file rw_file_perms;
|
|
||||||
#allow meta_tst sysfs:file write;
|
|
||||||
allow meta_tst property_socket:sock_file w_file_perms;
|
|
||||||
#allow meta_tst vold_socket:sock_file w_file_perms;
|
|
||||||
allow meta_tst init:unix_stream_socket connectto;
|
|
||||||
allow meta_tst vold:unix_stream_socket connectto;
|
|
||||||
allow meta_tst node:tcp_socket node_bind;
|
|
||||||
allow meta_tst labeledfs:filesystem unmount;
|
|
||||||
allow meta_tst shell_exec:file execute;
|
|
||||||
set_prop(meta_tst, powerctl_prop);
|
|
||||||
|
|
||||||
# Date: WK16.12
|
|
||||||
# Operation : Migration
|
|
||||||
# Purpose : for meta mode file system
|
|
||||||
allow meta_tst system_data_file:sock_file create_file_perms;
|
|
||||||
allow meta_tst system_file:file x_file_perms;
|
|
||||||
allow meta_tst system_data_file:dir w_dir_perms;
|
|
||||||
allow meta_tst block_device:dir search;
|
|
||||||
allow meta_tst rootfs:file entrypoint;
|
|
||||||
@ -1,20 +0,0 @@
|
|||||||
# ==============================================
|
|
||||||
# Type Declaration
|
|
||||||
# ==============================================
|
|
||||||
|
|
||||||
type pre_meta_exec , exec_type, file_type;
|
|
||||||
typeattribute pre_meta coredomain;
|
|
||||||
|
|
||||||
|
|
||||||
# ==============================================
|
|
||||||
# MTK Policy Rule
|
|
||||||
# ==============================================
|
|
||||||
|
|
||||||
init_daemon_domain(pre_meta)
|
|
||||||
|
|
||||||
# Date : WK16.15
|
|
||||||
# Operation : For reboot target to meta mode
|
|
||||||
# Purpose : for pre_meta daemon to access lk_env and reboot target
|
|
||||||
allow pre_meta block_device:dir search;
|
|
||||||
allow pre_meta property_socket:sock_file write;
|
|
||||||
allow pre_meta init:unix_stream_socket connectto;
|
|
||||||
@ -1,11 +0,0 @@
|
|||||||
# ==============================================
|
|
||||||
# Policy File of /system/bin/meta_tst Executable File
|
|
||||||
|
|
||||||
|
|
||||||
# ==============================================
|
|
||||||
# Type Declaration
|
|
||||||
# ==============================================
|
|
||||||
|
|
||||||
type meta_tst ,domain;
|
|
||||||
|
|
||||||
|
|
||||||
@ -1,5 +0,0 @@
|
|||||||
# ==============================================
|
|
||||||
# Policy File of /system/bin/pre_meta Executable File
|
|
||||||
|
|
||||||
type pre_meta ,domain;
|
|
||||||
|
|
||||||
Loading…
x
Reference in New Issue
Block a user