[ALPS03860173] Update em_svr te file

[Detail] Update em_svr te file on Android P rules MTK-Commit-Id: 209e5983cf99919666577929b0c4861131c8c9f7 Change-Id: Ifc5c86499abbf712c3388776a993178f8d14df32 CR-Id: ALPS03860173 Feature: Engineering Mode
2020-01-18 09:37:16 +08:00 · 2020-01-18 09:37:16 +08:00 · cfa692cd89
commit cfa692cd89
parent 664c95ece8
1 changed files with 49 additions and 52 deletions
--- a/prebuilts/api/26.0/plat_private/em_svr.te
+++ b/prebuilts/api/26.0/plat_private/em_svr.te
@ -23,63 +23,60 @@ typeattribute em_svr coredomain;

 init_daemon_domain(em_svr)

-# Date: W14.38 2014/09/17
-# Operation : Migration
-# Purpose : for em_svr
-#allow em_svr proc:file write;
-#allow em_svr sysfs:file write;
-allow em_svr shell_exec:file { read execute open getattr execute_no_trans };
-allow em_svr system_file:file execute_no_trans;
+# Date: WK1812
+# Purpose: add for MD log filter
 allow em_svr block_device:dir search;
-allow em_svr graphics_device:chr_file { read write open ioctl};
+allow em_svr sdcardfs:dir { search write add_name };
+allow em_svr sdcardfs:file { write create open };
+
+allow em_svr media_rw_data_file:dir { read write search open add_name };
+allow em_svr media_rw_data_file:file { write create open };
+
+
+
+# Date: WK1812
+# Purpose: add for controlling screen on/off
 allow em_svr graphics_device:dir search;
-allow em_svr radio_data_file:dir { search write add_name create };
-allow em_svr radio_data_file:file { create write open read };
-allow em_svr sysfs_devices_system_cpu:file write;
-#allow em_svr self:capability { dac_override sys_nice fowner chown fsetid };
-allow em_svr self:process execmem;
-allow em_svr system_data_file:dir { write remove_name add_name relabelfrom create open };
-allow em_svr kernel:system module_request;
-allow em_svr sdcard_type:dir create_dir_perms;
-allow em_svr sdcard_type:file create_file_perms;
-
-
-# Date: 2015/08/09
-# Operation : M Migration
-# Purpose : set policy for surfaceflinger_service
+allow em_svr graphics_device:chr_file { open read write ioctl };
 allow em_svr surfaceflinger_service:service_manager find;
-
-# Date: 2015/08/21
-# Operation : M Migration
-# Purpose : set policy for sysfs:dir
-allow em_svr sysfs:dir write;
-
-# for use binder
 binder_use(em_svr)
 binder_call(em_svr, surfaceflinger)

-# Date: 2017/07/19
-# Operation : O Migration
-# Purpose : add policy for desense/Power/Memory access system file
-allow em_svr toolbox_exec:file { getattr execute read open execute_no_trans };
-allow em_svr vendor_toolbox_exec:file { getattr };
-#allow em_svr proc:file { open read };
-#allow em_svr sysfs:file { read };
-
-# Date: 2017/07/19
-# Operation : O Migration
-# Purpose : add policy for PSensorThreshold/PSensorData read nvram file
-allow em_svr system_data_file:lnk_file { read };
-
-# Date: 2015/09/16
-# Operation : M Migration
-# Purpose : add policy for system data file access
-allow em_svr system_data_file:file open;
-
-# Date: 2017/07/13
-# Operation: O Migration
-# Purpose: add policy for backlight file access
+# Date: WK1812
+# Purpose: add for controlling backlight
 allow em_svr sysfs_leds:dir search;
-allow em_svr sysfs_leds:lnk_file read;
-#allow em_svr sysfs:file open;
+
+# Date: WK1812
+# Purpose: add for sensor calibration
+#allow em_svr self:capability { dac_read_search dac_override chown fsetid };
+
+# Date: WK1812
+# Purpose: add for shell cmd
+allow em_svr shell_exec:file { getattr execute read open execute_no_trans };
+
+# Date: WK1812
+# Purpose: add for power battery charge/PMU
+allow em_svr toolbox_exec:file { getattr execute read open execute_no_trans };
+
+# Date: WK1812
+# Purpose: sys file access
+#allow em_svr sysfs:file { getattr read write open };
+allow em_svr sysfs:dir { open read };
+
+# Date: WK1812
+# Purpose: proc file access
+#allow em_svr proc:file { getattr open read write };
+
+
+
+
+
+
+
+
+
+
+
+
+