5849c224e3
1. Mark polices which accessing proc/sysfs file system
2. Add violator attribute to modules violate vendor/system rule.
MTK-Commit-Id: 3954cad7a1428cda694d8428c2235a78aa6e7cc8
Change-Id: I401ae5b87eb9a03f324bef83c6678149606b15a8
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
24 lines
893 B
Plaintext
24 lines
893 B
Plaintext
# ==============================================
|
|
# Policy File of /system/binboot_logo_updater Executable File
|
|
# ==============================================
|
|
# Type Declaration
|
|
# ==============================================
|
|
|
|
# Date : WK14.43
|
|
# Operation : Migration
|
|
# Purpose : To access file directories and files like logo.bin
|
|
allow boot_logo_updater logo_block_device:blk_file r_file_perms;
|
|
# To access block files at /dev/block/mmcblk0 ir /dev/block/sdc
|
|
allow boot_logo_updater bootdevice_block_device:blk_file r_file_perms;
|
|
|
|
#To access file at /dev/logo
|
|
allow boot_logo_updater logo_device:chr_file r_file_perms;
|
|
# To access file at /proc/lk_env
|
|
#allow boot_logo_updater proc_lk_env:file rw_file_perms;
|
|
|
|
# Date : WK16.25
|
|
# Operation : Global_Device/Uniservice Feature
|
|
# Purpose : for it to read-write SysEnv data
|
|
allow boot_logo_updater para_block_device:blk_file rw_file_perms;
|
|
|