NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[ALPS03982747] Remove unnecessary violators

Browse Source 
Remove violators of system_executes_vendor_violators
in all .te files for Google rule.

MTK-Commit-Id: 2ea1f525e8cd6ef3cda981b2a47eabc4582fe767

Change-Id: I3940095186b1a530e7ed442cc34658c2317b9a89
CR-Id: ALPS03982747
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
This commit is contained in:
mtk12101 2020-01-18 10:01:50 +08:00
parent 90e11a04ce
commit 6c68a34641
4 changed files with 0 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
non_plat/aee_aedv.te
View File

@ -432,6 +432,3 @@ allow aee_aedv proc_slabtrace:file r_file_perms;
# temp solution # temp solution
get_prop(aee_aedv, vendor_default_prop) get_prop(aee_aedv, vendor_default_prop)
typeattribute aee_aedv data_between_core_and_vendor_violators;
allow aee_aedv media_rw_data_file:dir create_dir_perms;
allow aee_aedv media_rw_data_file:file create_file_perms;

2
non_plat/cameraserver.te
View File

@ -42,7 +42,6 @@ allow cameraserver MTK_SMI_device:chr_file r_file_perms;
allow cameraserver camera_pipemgr_device:chr_file r_file_perms; allow cameraserver camera_pipemgr_device:chr_file r_file_perms;
allow cameraserver kd_camera_flashlight_device:chr_file rw_file_perms; allow cameraserver kd_camera_flashlight_device:chr_file rw_file_perms;
allow cameraserver lens_device:chr_file rw_file_perms; allow cameraserver lens_device:chr_file rw_file_perms;
typeattribute cameraserver data_between_core_and_vendor_violators;
allow cameraserver nvdata_file:dir { write search add_name }; allow cameraserver nvdata_file:dir { write search add_name };
allow cameraserver nvdata_file:file { read write getattr setattr open create }; allow cameraserver nvdata_file:file { read write getattr setattr open create };
allow cameraserver nvram_data_file:dir search; allow cameraserver nvram_data_file:dir search;
@ -311,7 +310,6 @@ allow cameraserver gpu_device:dir search;
allow cameraserver property_socket:sock_file write; allow cameraserver property_socket:sock_file write;
allow cameraserver proc:file getattr; allow cameraserver proc:file getattr;
allow cameraserver shell_exec:file { execute read getattr open}; allow cameraserver shell_exec:file { execute read getattr open};
typeattribute cameraserver system_executes_vendor_violators;
allow cameraserver init:unix_stream_socket connectto; allow cameraserver init:unix_stream_socket connectto;
# Date : WK16.32 # Date : WK16.32

7
non_plat/mediaserver.te
View File

@ -293,13 +293,6 @@ allow mediaserver camera_dpe_device:chr_file rw_file_perms;
# Purpose : TSF Driver # Purpose : TSF Driver
allow mediaserver camera_tsf_device:chr_file rw_file_perms; allow mediaserver camera_tsf_device:chr_file rw_file_perms;
# Date : WK1631
# Operation : N Migration
# Purpose : add permission for thermal manager
typeattribute mediaserver system_executes_vendor_violators;
# Date : WK16.32 # Date : WK16.32
# Operation : N Migration # Operation : N Migration
# Purpose : RSC Driver # Purpose : RSC Driver

9
non_plat/untrusted_app.te
View File

@ -32,15 +32,6 @@ allow untrusted_app_25 sysfs_batteryinfo:file { getattr open read };
allow untrusted_app_25 sysfs_therm:dir { open read search }; allow untrusted_app_25 sysfs_therm:dir { open read search };
allow untrusted_app_25 sysfs_therm:file { getattr open read }; allow untrusted_app_25 sysfs_therm:file { getattr open read };
# Date : 2017/08/10
# Operation: Development RenderScript opt
# Purpose : Allow RenderScript Opt RS2CL to invoke standalone executable
# properly for thermal tests at OEM/ODM.
typeattribute untrusted_app_25 system_executes_vendor_violators;
allow untrusted_app_25 vendor_file:file execute_no_trans;
typeattribute untrusted_app system_executes_vendor_violators;
allow untrusted_app vendor_file:file execute_no_trans;
# Date : WK17.39 # Date : WK17.39
# Stage: O Migration, SQC # Stage: O Migration, SQC
# Purpose: Allow to use HAL PQ # Purpose: Allow to use HAL PQ