05f5d87b88
[Detail] Googles new commit
neverallow coredomain from writing vendor properties
cause build break
cdb1624c27
[Solution] Declare system_writes_vendor_properties_violators as workaround
MTK-Commit-Id: 2b19515d2d98945b0aadfbc9043352ae927497f3
Change-Id: I7be59b6811f6c75ea47da205be902417311fe1d0
CR-Id: ALPS03881723
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
27 lines
861 B
Plaintext
27 lines
861 B
Plaintext
# ==============================================
|
|
# MTK Policy Rule
|
|
# ============
|
|
|
|
# Date : WK16.46
|
|
# Purpose : allow shell to switch aee mode
|
|
allow shell aee_aed:unix_stream_socket connectto;
|
|
|
|
# Date : WK17.35
|
|
# Purpose : allow shell to dump the debugging information of camera hal.
|
|
allow shell hal_camera_hwservice:hwservice_manager { find };
|
|
binder_call(shell, mtk_hal_camera)
|
|
|
|
# Date : WK17.35
|
|
# Purpose : allow shell to set mtkcam property.
|
|
typeattribute shell system_writes_vendor_properties_violators;
|
|
set_prop(shell, mtkcam_prop)
|
|
|
|
# Date : WK17.36
|
|
# Purpose : allow shell to dump the debugging information of power hal.
|
|
hal_client_domain(shell, hal_power)
|
|
allow shell aee_exp_vendor_file:dir r_dir_perms;
|
|
allow shell aee_exp_vendor_file:file r_file_perms;
|
|
allow shell aee_exp_data_file:dir r_dir_perms;
|
|
allow shell aee_exp_data_file:file r_file_perms;
|
|
|