NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[ALPS03841839] Add policy for using nvram function

Browse Source 
[Detail]
The P version change nvdata path to /mnt/vendor/nvdata.
If want to open fstab when using nvram function,
it needs search policy.

[Solution]
allow xxx mnt_vendor_file:dir search

MTK-Commit-Id: a34d6ff7cf3b1545014a45f5052f7dbddf93808a

Change-Id: I2730d51963d3859008b4a53f06329ef0a23eb8f4
CR-Id: ALPS03841839
Feature: NVRAM Partition
This commit is contained in:
Denis Hsu 2020-01-18 09:51:51 +08:00
parent 042172187a
commit 6878563342
5 changed files with 31 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
non_plat/ccci_mdinit.te
View File

@ -100,3 +100,9 @@ allow ccci_mdinit sysfs:file r_file_perms;
# Purpose : Allow ccci_mdinit to open and read/write /proc/bootprof
allow ccci_mdinit proc:file rw_file_perms;
allow ccci_mdinit proc:file getattr;
# Date : WK18.21
# Operation: P migration
# Purpose: Allow to search /mnt/vendor/nvdata for fstab when using NVM_Init()
allow ccci_mdinit mnt_vendor_file:dir search;

5
non_plat/fuelgauged.te
View File

@ -89,3 +89,8 @@ allow fuelgauged nvcfg_file:file { read write getattr open create };
# Purpose : add fuelgauged could access
r_dir_file(fuelgauged, sysfs_batteryinfo);
# Date : WK18.21
# Operation: P migration
# Purpose: Allow to search /mnt/vendor/nvdata for fstab when using NVM_Init()
allow fuelgauged mnt_vendor_file:dir search;

7
non_plat/fuelgauged_nvram.te
View File

@ -66,3 +66,10 @@ allow fuelgauged_nvram nvcfg_file:file { read write getattr open create };
# Operation : add label for /sys/devices/platform/battery(/.*)
# Purpose : add fuelgauged could access
r_dir_file(fuelgauged_nvram, sysfs_batteryinfo)
# Date : WK18.21
# Operation: P migration
# Purpose: Allow to search /mnt/vendor/nvdata for fstab when using NVM_Init()
allow fuelgauged_nvram mnt_vendor_file:dir search;

5
non_plat/mtk_hal_audio.te
View File

@ -232,3 +232,8 @@ binder_call(mtk_hal_audio, mtk_hal_power)
binder_call(mtk_hal_audio, merged_hal_service)
# cm4 smartpa
allow mtk_hal_audio audio_ipi_device:chr_file { read write ioctl open };
# Date : WK18.21
# Operation: P migration
# Purpose: Allow to search /mnt/vendor/nvdata for fstab when using NVM_Init()
allow mtk_hal_audio mnt_vendor_file:dir search;

7
non_plat/mtk_hal_sensors.te
View File

@ -62,3 +62,10 @@ allow mtk_hal_sensors sensor_data_file:dir create_dir_perms;
# for nvcfg
allow mtk_hal_sensors nvcfg_file:file create_file_perms;
allow mtk_hal_sensors nvcfg_file:dir create_dir_perms;
# Date : WK18.21
# Operation: P migration
# Purpose: Allow to search /mnt/vendor/nvdata for fstab when using NVM_Init()
allow mtk_hal_sensors mnt_vendor_file:dir search;