3ace839be3
Restore the policies accessing files labeled
as proc_xxx or sysfs_xxx, but there are some
exceptions for coredomain process, such as
meta_tst,dump_state,kpoc_charger
MTK-Commit-Id: 7953b5203bb3cac099c3326d330643b4cd73746d
Change-Id: I4b16c09c352891783e837bea370c264966ca6d13
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
18 lines
547 B
Plaintext
18 lines
547 B
Plaintext
# ==============================================
|
|
# MTK Policy Rule
|
|
# ==============================================
|
|
|
|
# Date : WK16.33
|
|
# Purpose: Allow to access ged for gralloc_extra functions
|
|
allow zygote proc_ged:file {open read write ioctl getattr};
|
|
|
|
# Date : WK17.02
|
|
# Purpose: Allow to access gpu for memtrack functions
|
|
allow zygote gpu_device:dir search;
|
|
allow zygote gpu_device:chr_file { open read write ioctl getattr};
|
|
|
|
# Date : WK17.32
|
|
# Operation : O Migration
|
|
# Purpose: Allow to access property
|
|
get_prop(zygote, graphics_config_prop)
|