b189b5f35a
[Detail] vendor_init will parse meta_init.rc to ifup lo,which needs some selinux policy. when meta mode has enabled loopback, gps tool can run normally [Solution] add selinux rule to up lo interface MTK-Commit-Id: b351d14a284871dae0783f4d48278a1fde515f4d Change-Id: I962bfc0002a76d34e5366869cb5fea46ae1453da CR-Id: ALPS03974446 Feature: Location Chipset Capability
46 lines
1.8 KiB
Plaintext
46 lines
1.8 KiB
Plaintext
allow vendor_init exported3_system_prop:property_service set;
|
|
allow vendor_init dalvik_prop:property_service set;
|
|
|
|
allow vendor_init ffs_prop:property_service set;
|
|
allow vendor_init mediatek_prop:property_service set;
|
|
allow vendor_init mtk_md_version_prop:property_service set;
|
|
allow vendor_init mtk_volte_prop:property_service set;
|
|
allow vendor_init vendor_radio_prop:property_service set;
|
|
allow vendor_init mtk_ril_mode_prop:property_service set;
|
|
allow vendor_init wmt_prop:property_service set;
|
|
|
|
allow vendor_init proc:file write;
|
|
allow vendor_init proc_bootprof:file write;
|
|
allow vendor_init rootfs:dir { write add_name setattr };
|
|
allow vendor_init self:capability sys_module;
|
|
|
|
allow vendor_init tmpfs:dir { write create add_name };
|
|
allow vendor_init unlabeled:dir { relabelfrom getattr setattr search };
|
|
allow vendor_init vendor_file:system module_load;
|
|
|
|
allow vendor_init kmsg_device:chr_file unlink;
|
|
set_prop(vendor_init, persist_mtk_aee_prop)
|
|
set_prop(vendor_init, ro_mtk_aee_prop)
|
|
set_prop(vendor_init, vendor_usb_prop)
|
|
set_prop(vendor_init, mtk_ct_volte_prop)
|
|
set_prop(vendor_init, mtk_gps_support_prop)
|
|
set_prop(vendor_init, mtk_rat_config_prop)
|
|
set_prop(vendor_init, mtk_aal_ro_prop)
|
|
set_prop(vendor_init, mtk_pq_ro_prop)
|
|
set_prop(vendor_init, mtk_default_prop)
|
|
|
|
set_prop(vendor_init, mtk_emmc_support_prop)
|
|
|
|
# allow create symbolic link, /mnt/sdcard, for meta/factory mode
|
|
allow vendor_init tmpfs:lnk_file create;
|
|
|
|
set_prop(vendor_init, mtk_cxp_vendor_prop)
|
|
|
|
# Run "ifup lo" to bring up the localhost interface
|
|
allow vendor_init proc_hostname:file w_file_perms;
|
|
allow vendor_init self:udp_socket { create ioctl };
|
|
# in addition to unpriv ioctls granted to all domains, init also needs:
|
|
allowxperm vendor_init self:udp_socket ioctl { SIOCSIFFLAGS };
|
|
allow vendor_init self:global_capability_class_set net_raw;
|
|
|