[Detail] enable PRODUCT_COMPATIBLE_PROPERTY_OVERRIDE = true, will cause build error [Solution] Mark rules that violate AOSP neverallow rules MTK-Commit-Id: c850c6f1fcb8de76235ea2be51becb7a2ccc6190 Change-Id: Ib9a80f4495d6db588133f929c9ea70e7215ad2aa CR-Id: ALPS03881723 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
31 lines
1011 B
Plaintext
31 lines
1011 B
Plaintext
# ==============================================
|
|
# Policy File of /system/bin/md_ctrl Executable File
|
|
|
|
# ==============================================
|
|
# Type Declaration
|
|
# ==============================================
|
|
type md_ctrl, domain;
|
|
type md_ctrl_exec, exec_type, file_type, vendor_file_type;
|
|
|
|
# ==============================================
|
|
# MTK Policy Rule
|
|
# ==============================================
|
|
# Date : WK14.46
|
|
# Operation : Migration
|
|
# Purpose : Start md_ctrl
|
|
|
|
init_daemon_domain(md_ctrl)
|
|
allow md_ctrl ccci_device:chr_file { rw_file_perms };
|
|
allow md_ctrl devpts:chr_file { rw_file_perms };
|
|
#allow md_ctrl self:capability dac_override;
|
|
allow md_ctrl muxreport_exec:file rx_file_perms;
|
|
allow md_ctrl emd_device:chr_file { rw_file_perms };
|
|
allow md_ctrl eemcs_device:chr_file { rw_file_perms };
|
|
|
|
# Needed to set vold.encryption.type
|
|
#set_prop(md_ctrl, vold_prop)
|
|
|
|
# Allow read to sys/kernel/ccci/* files
|
|
allow md_ctrl sysfs_ccci:dir search;
|
|
allow md_ctrl sysfs_ccci:file r_file_perms;
|