NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
android_device_mediatek_sep.../non_plat/em_svr.te
Bo Ye 5849c224e3 [ALPS03825066] P migration selinux build failed fix 
1. Mark polices which accessing proc/sysfs file system
    2. Add violator attribute to modules violate vendor/system rule.

MTK-Commit-Id: 3954cad7a1428cda694d8428c2235a78aa6e7cc8

Change-Id: I401ae5b87eb9a03f324bef83c6678149606b15a8
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
2020-01-18 09:29:36 +08:00

46 lines
2.0 KiB
Plaintext
Raw Blame History

# Date: W14.38 2014/09/17
# Operation : Migration
# Purpose : for em_svr
allow em_svr nvram_device:blk_file { read write open };
allow em_svr nvdata_device:blk_file { read write open };
allow em_svr bootdevice_block_device:blk_file { read write open };
allow em_svr misc_sd_device:chr_file { read open ioctl };
allow em_svr als_ps_device:chr_file { read ioctl open };
allow em_svr gsensor_device:chr_file { read ioctl open };
allow em_svr gyroscope_device:chr_file { read ioctl open };
typeattribute em_svr data_between_core_and_vendor_violators;
allow em_svr nvram_data_file:dir { write read open add_name search };
allow em_svr nvram_data_file:file { write getattr setattr read create open };
allow em_svr nvram_data_file:lnk_file read;
allow em_svr nvdata_file:lnk_file read;
allow em_svr nvdata_file:dir { write read open add_name search };
allow em_svr nvdata_file:file { write getattr setattr read create open };
allow em_svr nvram_device:chr_file { open read write ioctl };
typeattribute em_svr system_executes_vendor_violators;
allow em_svr thermal_manager_exec:file { getattr execute read open execute_no_trans };
allow em_svr proc_mtkcooler:dir search;
#allow em_svr proc_mtkcooler:file { read getattr open write };
allow em_svr proc_thermal:dir search;
#allow em_svr proc_thermal:file { read getattr open write };
allow em_svr proc_mtktz:dir search;
#allow em_svr proc_mtktz:file { read getattr open write };
#allow em_svr proc_slogger:file { read getattr open write };
#allow em_svr proc_lk_env:file { read getattr open write ioctl};
allow em_svr para_block_device:blk_file { read open };
# Date: 2015/12/22
# Operation : M Migration
# Purpose : Battery Log can change temperature
userdebug_or_eng(`
allow em_svr proc_battery_cmd:dir search;
#allow em_svr proc_battery_cmd:file { read getattr open write };
')
# Date : WK16.33
# Purpose: Allow to access ged for gralloc_extra functions
#allow em_svr proc_ged:file {open read write ioctl getattr};
# Date : WK17.42
# Purpose: Allow to query md log filter bin
allow em_svr md_block_device:blk_file { read open };
Reference in New Issue View Git Blame Copy Permalink