78d7f51370
[Detail] System processes have no permission to access vendor_default_prop [Solution] Add get vendor_default_prop rule for system processes MTK-Commit-Id: 412119fb578fc32e9f046c09a13817cf3c755515 Change-Id: I791997e6bb44c61b69d32c6da0cc80c6f2a9759e CR-Id: ALPS03825066 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
18 lines
558 B
Plaintext
18 lines
558 B
Plaintext
# ==============================================
|
|
# MTK Policy Rule
|
|
# ==============================================
|
|
|
|
# Date : WK16.33
|
|
# Purpose: Allow to access ged for gralloc_extra functions
|
|
allow zygote proc_ged:file {open read write ioctl getattr};
|
|
|
|
# Date : WK17.02
|
|
# Purpose: Allow to access gpu for memtrack functions
|
|
allow zygote gpu_device:dir search;
|
|
allow zygote gpu_device:chr_file { open read write ioctl getattr};
|
|
|
|
# Date : WK18.20
|
|
# Operation : Migration
|
|
# Purpose : no permission for vendor_default_prop
|
|
get_prop(zygote, vendor_default_prop)
|