NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
android_device_mediatek_sep.../r_non_plat/aee_aed.te
Juju Sung 61d7044c46 [ALPS04767749] Selinux: Add new TE path 
[Detail]
New sepolicy path declared and also support
legacy android.

MTK-Commit-Id: 8982268bbef8f852c153428f1a5f83849953c7c2

Change-Id: Ic10f297a312ff2e89e44a0aa323ffa11bc78ff6e
CR-Id: ALPS04767749
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
2020-01-18 10:19:48 +08:00

72 lines
2.3 KiB
Plaintext
Raw Blame History

# ==============================================
# Policy File of /system/bin/aee_aed Executable File
# ==============================================
# MTK Policy Rule
# ==============================================
# Date : WK14.32
# Operation : AEE UT
# Purpose : for AEE module
allow aee_aed aed_device:chr_file rw_file_perms;
allow aee_aed expdb_device:chr_file rw_file_perms;
allow aee_aed expdb_block_device:blk_file rw_file_perms;
allow aee_aed bootdevice_block_device:blk_file rw_file_perms;
allow aee_aed etb_device:chr_file rw_file_perms;
# open/dev/mtd/mtd12 failed(expdb)
allow aee_aed mtd_device:dir create_dir_perms;
allow aee_aed mtd_device:chr_file rw_file_perms;
# NE flow: /dev/RT_Monitor
allow aee_aed RT_Monitor_device:chr_file r_file_perms;
#data/aee_exp
allow aee_aed aee_exp_data_file:dir create_dir_perms;
allow aee_aed aee_exp_data_file:file create_file_perms;
#data/dumpsys
allow aee_aed aee_dumpsys_data_file:dir create_dir_perms;
allow aee_aed aee_dumpsys_data_file:file create_file_perms;
#/data/core
allow aee_aed aee_core_data_file:dir create_dir_perms;
allow aee_aed aee_core_data_file:file create_file_perms;
# /data/data_tmpfs_log
allow aee_aed data_tmpfs_log_file:dir create_dir_perms;
allow aee_aed data_tmpfs_log_file:file create_file_perms;
# Purpose: aee_aed set property
set_prop(aee_aed, persist_mtk_aee_prop);
set_prop(aee_aed, persist_aee_prop);
set_prop(aee_aed, debug_mtk_aee_prop);
# /proc/lk_env
allow aee_aed proc_lk_env:file rw_file_perms;
# Purpose: Allow aee_aed to read /proc/pid/exe
#allow aee_aed exec_type:file r_file_perms;
# Purpose: Allow aee_aed to read /proc/cpu/alignment
allow aee_aed proc_cpu_alignment:file { write open };
# Purpose: Allow aee_aed to access /sys/devices/virtual/timed_output/vibrator/enable
allow aee_aed sysfs_vibrator_setting:dir search;
allow aee_aed sysfs_vibrator_setting:file w_file_perms;
allow aee_aed sysfs_vibrator:dir search;
allow aee_aed sysfs_leds:dir search;
# Purpose: Allow aee_aed to read /proc/kpageflags
allow aee_aed proc_kpageflags:file r_file_perms;
# temp solution
get_prop(aee_aed, vendor_default_prop)
hal_client_domain(aee_aed, mtk_hal_log)
# Purpose: create /data/aee_exp at runtime
allow aee_aed file_contexts_file:file r_file_perms;
allow aee_aed system_data_file:dir { relabelfrom setattr };
allow aee_aed aee_exp_data_file:dir relabelto;
Reference in New Issue View Git Blame Copy Permalink