05f5d87b88
[Detail] Googles new commit
neverallow coredomain from writing vendor properties
cause build break
cdb1624c27
[Solution] Declare system_writes_vendor_properties_violators as workaround
MTK-Commit-Id: 2b19515d2d98945b0aadfbc9043352ae927497f3
Change-Id: I7be59b6811f6c75ea47da205be902417311fe1d0
CR-Id: ALPS03881723
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
30 lines
1.2 KiB
Plaintext
30 lines
1.2 KiB
Plaintext
# Purpose : for access storage file
|
|
allow netdiag sdcard_type:dir create_dir_perms;
|
|
allow netdiag sdcard_type:file create_file_perms;
|
|
allow netdiag net_data_file:file r_file_perms;
|
|
allow netdiag net_data_file:dir search;
|
|
allow netdiag storage_file:dir search;
|
|
allow netdiag storage_file:lnk_file read;
|
|
allow netdiag mnt_user_file:dir search;
|
|
allow netdiag mnt_user_file:lnk_file read;
|
|
allow netdiag platform_app:dir search;
|
|
allow netdiag untrusted_app:dir search;
|
|
allow netdiag mnt_media_rw_file:dir search;
|
|
allow netdiag vfat:dir create_dir_perms;
|
|
allow netdiag vfat:file create_file_perms;
|
|
allow netdiag tmpfs:lnk_file read;
|
|
|
|
#Purpose : for network log property
|
|
typeattribute netdiag system_writes_vendor_properties_violators;
|
|
set_prop(netdiag, debug_netlog_prop)
|
|
set_prop(netdiag, persist_mtklog_prop)
|
|
set_prop(netdiag, debug_mtklog_prop)
|
|
|
|
# Purpose : for acess /system/bin/toybox, mmc_prop,proc_net and safemode_prop
|
|
allow netdiag device_logging_prop:file { getattr open };
|
|
allow netdiag mmc_prop:file { getattr open };
|
|
|
|
# purpose: allow netdiag to access storage in new version
|
|
allow netdiag media_rw_data_file:file { create_file_perms };
|
|
allow netdiag media_rw_data_file:dir { create_dir_perms };
|