NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
android_device_mediatek_sep.../non_plat/fuelgauged_nvram.te
Timo Liao da81d68ea4 [ALPS03890927] battery: fix selinux policy 
[Detail]
fix selinux policy

MTK-Commit-Id: 17d51da9d602ae8e9fed3d331352c7952dc92098

Change-Id: Id96cebd12ae9a9aec60089868951e26c569e8916
Signed-off-by: Timo Liao <timo.liao@mediatek.com>
CR-Id: ALPS03890927
Feature: Fuel Gauge
2020-01-18 09:55:43 +08:00

77 lines
2.8 KiB
Plaintext
Raw Blame History

# ==============================================
# Policy File of /system/bin/fuelgauged_nvram Executable File
# ==============================================
# Type Declaration
# ==============================================
type fuelgauged_nvram ,domain;
type fuelgauged_nvram_exec , exec_type, file_type, vendor_file_type;
type fuelgauged_nvram_file, file_type, data_file_type;
# ==============================================
# Android Policy Rule
# ==============================================
# ==============================================
# NSA Policy Rule
# ==============================================
# ==============================================
# MTK Policy Rule
# ==============================================
init_daemon_domain(fuelgauged_nvram)
# Data : WK16.21
# Operation : New Feature
# Purpose : For fg daemon can access /data/FG folder
#file_type_auto_trans(fuelgauged_nvram, system_data_file, fuelgauged_nvram_file);
#allow fuelgauged_nvram fuelgauged_nvram_file:file rw_file_perms;
#allow fuelgauged_nvram system_data_file:dir rw_dir_perms;
# Data : WK16.21
# Operation : New Feature
# Purpose : For fg daemon can do nvram r/w to save car_tune_value
allow fuelgauged_nvram nvdata_file:dir rw_dir_perms;
allow fuelgauged_nvram nvdata_file:file {rw_file_perms create_file_perms};
allow fuelgauged_nvram nvram_data_file:lnk_file rw_file_perms;
allow fuelgauged_nvram nvdata_file:lnk_file rw_file_perms;
allow fuelgauged_nvram fuelgauged_file:dir rw_dir_perms;
allow fuelgauged_nvram fuelgauged_file:file {rw_file_perms create_file_perms};
# Data : W16.43
# Operation : New Feature
# Purpose : Change from /data to /cache
#allow fuelgauged_nvram cache_file:file {rw_file_perms create_file_perms};
#allow fuelgauged_nvram cache_file:dir {rw_dir_perms create_dir_perms};
#allow fuelgauged_nvram self:capability { dac_read_search dac_override chown };
allow fuelgauged_nvram kmsg_device:chr_file { write open };
allow fuelgauged_nvram self:capability fsetid;
# Data : W17.34
# Operation : New Feature
# Purpose : fgauge_nvram could use IOCTL
allow fuelgauged_nvram MT_pmic_adc_cali_device:chr_file rw_file_perms;
# Date: W18.03
# Operation : change fuelgagued_nvram access from cache to nvcfg
# Purpose : add fuelgauged to nvcfg read write permit
# need add label
allow fuelgauged_nvram sysfs:file { read open };
allow fuelgauged_nvram nvcfg_file:dir { search write open read add_name create getattr};
allow fuelgauged_nvram nvcfg_file:file { read write getattr open create };
# Date: W18.17
# Operation : add label for /sys/devices/platform/battery(/.*)
# Purpose : add fuelgauged could access
r_dir_file(fuelgauged_nvram, sysfs_batteryinfo)
# Date : WK18.21
# Operation: P migration
# Purpose: Allow to search /mnt/vendor/nvdata for fstab when using NVM_Init()
allow fuelgauged_nvram mnt_vendor_file:dir search;
allow fuelgauged_nvram sysfs_boot_mode:file { open read };
Reference in New Issue View Git Blame Copy Permalink