8ef11ef3fe
[Solution] Move stp_dump to system image to follow SEPolicy rules MTK-Commit-Id: f3e5e4f43b6c506109caf2e01d1a61ee0223300e Change-Id: I1252c1e5b682f97ff36a66d070b33368be05fd0f CR-Id: ALPS03951556 Feature: [Module]WMT Driver Signed-off-by: Robbin Chiu <robbin.chiu@mediatek.com>
46 lines
2.0 KiB
Plaintext
46 lines
2.0 KiB
Plaintext
# ==============================================
|
|
# Policy File of /system/binstp_dump3 Executable File
|
|
|
|
|
|
# ==============================================
|
|
# Type Declaration
|
|
# ==============================================
|
|
|
|
type stp_dump3_exec, exec_type, file_type;
|
|
type stp_dump3, domain;
|
|
typeattribute stp_dump3 coredomain;
|
|
|
|
# ==============================================
|
|
# Android Policy Rule
|
|
# ==============================================
|
|
|
|
# ==============================================
|
|
# NSA Policy Rule
|
|
# ==============================================
|
|
|
|
# ==============================================
|
|
# MTK Policy Rule
|
|
# ==============================================
|
|
file_type_auto_trans(stp_dump3,system_data_file,stp_dump_data_file)
|
|
allow stp_dump3 self:capability { net_admin fowner chown fsetid };
|
|
allow stp_dump3 self:netlink_socket { read write getattr bind create setopt };
|
|
allow stp_dump3 self:netlink_generic_socket { read write getattr bind create setopt };
|
|
allow stp_dump3 media_rw_data_file:dir { add_name setattr };
|
|
allow stp_dump3 media_rw_data_file:dir rmdir;
|
|
allow stp_dump3 media_rw_data_file:dir { open read write create setattr getattr add_name remove_name search};
|
|
allow stp_dump3 media_rw_data_file:file { open read write create setattr getattr append unlink rename};
|
|
allow stp_dump3 wmtdetect_device:chr_file { read write ioctl open };
|
|
allow stp_dump3 stpwmt_device:chr_file { read write ioctl open };
|
|
allow stp_dump3 tmpfs:lnk_file r_file_perms;
|
|
allow stp_dump3 tmpfs:lnk_file read;
|
|
allow stp_dump3 mnt_user_file:dir search;
|
|
allow stp_dump3 mnt_user_file:lnk_file read;
|
|
allow stp_dump3 storage_file:lnk_file read;
|
|
allow stp_dump3 sdcard_type:dir search;
|
|
allow stp_dump3 sdcard_type:dir {open read write create setattr getattr add_name remove_name search};
|
|
allow stp_dump3 sdcard_type:file { open read write create setattr getattr append unlink rename};
|
|
allow stp_dump3 sdcard_type:file create_file_perms;
|
|
allow stp_dump3 stp_dump_data_file:dir create_dir_perms;
|
|
allow stp_dump3 stp_dump_data_file:file create_file_perms;
|
|
init_daemon_domain(stp_dump3)
|