05f5d87b88
[Detail] Googles new commit
neverallow coredomain from writing vendor properties
cause build break
cdb1624c27
[Solution] Declare system_writes_vendor_properties_violators as workaround
MTK-Commit-Id: 2b19515d2d98945b0aadfbc9043352ae927497f3
Change-Id: I7be59b6811f6c75ea47da205be902417311fe1d0
CR-Id: ALPS03881723
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
25 lines
707 B
Plaintext
25 lines
707 B
Plaintext
# ==============================================
|
|
# MTK Policy Rule
|
|
# ============
|
|
|
|
# Date : WK14.37
|
|
# Operation : Migration
|
|
# Purpose : for opetator
|
|
typeattribute bootanim system_writes_vendor_properties_violators;
|
|
allow bootanim bootani_prop:property_service set;
|
|
|
|
# Date : WK14.46
|
|
# Operation : Migration
|
|
# Purpose : For MTK Emulator HW GPU
|
|
allow bootanim qemu_pipe_device:chr_file rw_file_perms;
|
|
|
|
# Date : WK16.33
|
|
# Purpose: Allow to access ged for gralloc_extra functions
|
|
allow bootanim proc_ged:file {open read write ioctl getattr};
|
|
|
|
# Date : WK17.43
|
|
# Operation : Migration
|
|
# Purpose : For MTK perfmgr
|
|
allow bootanim proc_perfmgr:dir {search read};
|
|
allow bootanim proc_perfmgr:file {open read ioctl};
|