lineage/android_device_samsung_mondrianwifi
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

mondrianwifi: sepolicy

Browse source
This commit is contained in:
nyyu 2022-08-25 20:23:34 +02:00
parent 1bb49e7c55
commit e242699bd3
14 changed files with 28 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
BoardConfig.mk
View file

@ -44,7 +44,7 @@ DEVICE_MANIFEST_FILE += $(DEVICE_PATH)/manifest.xml
# Kernel
BOARD_KERNEL_BASE := 0x00000000
BOARD_KERNEL_CMDLINE := console=null androidboot.hardware=qcom user_debug=31 msm_rtb.filter=0x37 ehci-hcd.park=3 zcache.enabled=1 zcache.compressor=lz4 androidboot.selinux=permissive
BOARD_KERNEL_CMDLINE := console=null androidboot.hardware=qcom user_debug=31 msm_rtb.filter=0x37 ehci-hcd.park=3 zcache.enabled=1 zcache.compressor=lz4
BOARD_KERNEL_IMAGE_NAME := zImage
BOARD_KERNEL_PAGESIZE := 2048
BOARD_KERNEL_SEPARATED_DT := true

1
sepolicy/common/audioserver.te Normal file
View file

@ -0,0 +1 @@
allow audioserver vendor_default_prop:file r_file_perms;

5
sepolicy/common/file_contexts
View file

@ -2,9 +2,12 @@
/misc u:object_r:misc_block_device:s0
# DRM
/(vendor|system/vendor)/bin/hw/android\.hardware\.drm@1\.3-service\.clearkey u:object_r:hal_drm_clearkey_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.drm@1\.4-service\.clearkey u:object_r:hal_drm_clearkey_exec:s0
/data/vendor/mediadrm(/.*)? u:object_r:mediadrm_vendor_data_file:s0
# Power
/(vendor|system/vendor)/bin/hw/android\.hardware\.light(@[0-9].[0-9])?-service\.samsung u:object_r:hal_light_default_exec:s0
# sysfs - iio
/sys/bus/iio/devices/iio:device[0-9]+(/.*)? u:object_r:sysfs_iio:s0
/sys/devices/[a-f0-9]+\.i2c/i2c-[0-9]+/[0-9]+-[0-9]+/iio:device[0-9](/.*)? u:object_r:sysfs_iio:s0

1
sepolicy/common/hal_gnss_default.te Normal file
View file

@ -0,0 +1 @@
allow hal_gnss_default system_prop:file r_file_perms;

1
sepolicy/common/hal_graphics_allocator_default.te Normal file
View file

@ -0,0 +1 @@
allow hal_graphics_allocator_default default_prop:file r_file_perms;

2
sepolicy/common/hal_graphics_composer_default.te Normal file
View file

@ -0,0 +1,2 @@
allow hal_graphics_composer_default default_prop:file r_file_perms;
allow hal_graphics_composer_default system_prop:file r_file_perms;

2
sepolicy/common/hal_sensors_default.te
View file

@ -1 +1,3 @@
allow hal_sensors_default default_prop:file r_file_perms;
allow hal_sensors_default proc:file r_file_perms;
allow hal_sensors_default sensors_data_file:file create_file_perms;

2
sepolicy/common/init.te
View file

@ -1,2 +1,4 @@
allow init sysfs:file setattr;
allow init sysfs_graphics:file rw_file_perms;
allow init sysfs_sec_touchkey:file rw_file_perms;
allow init system_file:file execute_no_trans;

1
sepolicy/common/mediacodec.te Normal file
View file

@ -0,0 +1 @@
allow mediacodec default_prop:file r_file_perms;

2
sepolicy/common/mediaserver.te Normal file
View file

@ -0,0 +1,2 @@
allow mediaserver package_native_service:service_manager find;
allow mediaserver vendor_default_prop:file r_file_perms;

1
sepolicy/common/mm-qcamerad.te Normal file
View file

@ -0,0 +1 @@
allow mm-qcamerad default_prop:file r_file_perms;

1
sepolicy/common/mpdecision.te Normal file
View file

@ -0,0 +1 @@
allow mpdecision default_prop:file r_file_perms;

2
sepolicy/common/system_server.te Normal file
View file

@ -0,0 +1,2 @@
allow system_server init:binder call;
allow system_server build_bootimage_prop:file r_file_perms;

7
sepolicy/common/vendor_init.te Normal file
View file

@ -0,0 +1,7 @@
allow vendor_init apexd_prop:file read;
allow vendor_init bootanim_system_prop:file read;
allow vendor_init default_prop:property_service set;
allow vendor_init radio_core_data_file:dir { getattr search setattr };
allow vendor_init shell_prop:file read;
allow vendor_init system_prop:file r_file_perms;
allow vendor_init system_prop:property_service set;