722798a334
Some rules is no need any more, need to remove it. MTK-Commit-Id: 49685f1299d990a7195a2d54b955517d8f2cc699 Change-Id: I4a590ad781589cf94989ce72c88751ac10b82eae CR-Id: ALPS03982747 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
37 lines
1.2 KiB
Plaintext
37 lines
1.2 KiB
Plaintext
# ==============================================
|
|
# MTK Policy Rule
|
|
# ==============================================
|
|
|
|
# New added for move to /system
|
|
type cmddumper_exec, exec_type, file_type;
|
|
typeattribute cmddumper coredomain;
|
|
|
|
init_daemon_domain(cmddumper)
|
|
|
|
# cmddumper access on /data/mdlog
|
|
allow cmddumper system_data_file:dir { create_dir_perms relabelfrom relabelto};
|
|
|
|
# "mdl_serv_fifo" scontext=u:r:cmddumper:s0 tcontext=u:object_r:system_data_file
|
|
allow cmddumper system_data_file:fifo_file create_file_perms;
|
|
|
|
|
|
# for modem logging sdcard access
|
|
allow cmddumper sdcard_type:dir create_dir_perms;
|
|
allow cmddumper sdcard_type:file create_file_perms;
|
|
|
|
# modem logger socket access
|
|
allow cmddumper init:unix_stream_socket connectto;
|
|
allow cmddumper property_socket:sock_file { write read };
|
|
allow cmddumper platform_app:unix_stream_socket connectto;
|
|
allow cmddumper shell_exec:file { rx_file_perms };
|
|
allow cmddumper system_file:file x_file_perms;
|
|
|
|
|
|
# purpose: allow cmddumper to access storage in N version
|
|
allow cmddumper media_rw_data_file:file { create_file_perms };
|
|
allow cmddumper media_rw_data_file:dir { create_dir_perms };
|
|
|
|
# purpose: access plat_file_contexts
|
|
allow cmddumper file_contexts_file:file { read getattr open };
|
|
|