61d7044c46
[Detail] New sepolicy path declared and also support legacy android. MTK-Commit-Id: 8982268bbef8f852c153428f1a5f83849953c7c2 Change-Id: Ic10f297a312ff2e89e44a0aa323ffa11bc78ff6e CR-Id: ALPS04767749 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
68 lines
2.4 KiB
Plaintext
68 lines
2.4 KiB
Plaintext
# ==============================================
|
|
# Policy File of /system/bin/fuelgauged_nvram Executable File
|
|
|
|
# ==============================================
|
|
# Type Declaration
|
|
# ==============================================
|
|
type fuelgauged_nvram ,domain;
|
|
type fuelgauged_nvram_exec , exec_type, file_type, vendor_file_type;
|
|
type fuelgauged_nvram_file, file_type, data_file_type;
|
|
|
|
# ==============================================
|
|
# Android Policy Rule
|
|
# ==============================================
|
|
|
|
# ==============================================
|
|
# NSA Policy Rule
|
|
# ==============================================
|
|
|
|
# ==============================================
|
|
# MTK Policy Rule
|
|
# ==============================================
|
|
|
|
init_daemon_domain(fuelgauged_nvram)
|
|
|
|
# Data : WK16.21
|
|
# Operation : New Feature
|
|
# Purpose : For fg daemon can do nvram r/w to save car_tune_value
|
|
allow fuelgauged_nvram nvdata_file:dir rw_dir_perms;
|
|
allow fuelgauged_nvram nvdata_file:file {rw_file_perms create_file_perms};
|
|
allow fuelgauged_nvram nvram_data_file:lnk_file rw_file_perms;
|
|
allow fuelgauged_nvram nvdata_file:lnk_file rw_file_perms;
|
|
|
|
allow fuelgauged_nvram fuelgauged_file:dir rw_dir_perms;
|
|
allow fuelgauged_nvram fuelgauged_file:file {rw_file_perms create_file_perms};
|
|
|
|
# Data : W16.43
|
|
# Operation : New Feature
|
|
# Purpose : Change from /data to /cache
|
|
allow fuelgauged_nvram self:capability { chown };
|
|
allow fuelgauged_nvram kmsg_device:chr_file { write open };
|
|
allow fuelgauged_nvram self:capability fsetid;
|
|
|
|
# Data : W17.34
|
|
# Operation : New Feature
|
|
# Purpose : fgauge_nvram could use IOCTL
|
|
allow fuelgauged_nvram MT_pmic_adc_cali_device:chr_file rw_file_perms;
|
|
|
|
# Date: W18.03
|
|
# Operation : change fuelgagued_nvram access from cache to nvcfg
|
|
# Purpose : add fuelgauged to nvcfg read write permit
|
|
# need add label
|
|
allow fuelgauged_nvram sysfs:file { read open };
|
|
allow fuelgauged_nvram nvcfg_file:dir { search write open read add_name create getattr};
|
|
allow fuelgauged_nvram nvcfg_file:file { read write getattr open create };
|
|
|
|
# Date: W18.17
|
|
# Operation : add label for /sys/devices/platform/battery(/.*)
|
|
# Purpose : add fuelgauged could access
|
|
r_dir_file(fuelgauged_nvram, sysfs_batteryinfo)
|
|
|
|
|
|
# Date : WK18.21
|
|
# Operation: P migration
|
|
# Purpose: Allow to search /mnt/vendor/nvdata for fstab when using NVM_Init()
|
|
allow fuelgauged_nvram mnt_vendor_file:dir search;
|
|
|
|
allow fuelgauged_nvram sysfs_boot_mode:file { open read };
|