msm8974-common: sepolicy
This commit is contained in:
parent
25b53ebb61
commit
c7f3de6465
@ -6,6 +6,7 @@ type proc_last_kmsg, fs_type, proc_type;
|
|||||||
type sysfs_battery, sysfs_type, fs_type;
|
type sysfs_battery, sysfs_type, fs_type;
|
||||||
type sysfs_battery_writable, sysfs_type, fs_type;
|
type sysfs_battery_writable, sysfs_type, fs_type;
|
||||||
type sysfs_camera, fs_type, sysfs_type;
|
type sysfs_camera, fs_type, sysfs_type;
|
||||||
|
type sysfs_hal_health_service, sysfs_type, fs_type;
|
||||||
type sysfs_hal_pwr, fs_type, sysfs_type;
|
type sysfs_hal_pwr, fs_type, sysfs_type;
|
||||||
type sysfs_iio, fs_type, sysfs_type;
|
type sysfs_iio, fs_type, sysfs_type;
|
||||||
type sysfs_input, fs_type, sysfs_type;
|
type sysfs_input, fs_type, sysfs_type;
|
||||||
@ -24,5 +25,6 @@ type sysfs_usb_otg, fs_type, sysfs_type;
|
|||||||
type sysfs_wifi_writeable, fs_type, sysfs_type;
|
type sysfs_wifi_writeable, fs_type, sysfs_type;
|
||||||
|
|
||||||
type bt_fw_file, file_type;
|
type bt_fw_file, file_type;
|
||||||
|
type netlink_kobject_uevent_socket, file_type;
|
||||||
type nfc_fw_file, file_type;
|
type nfc_fw_file, file_type;
|
||||||
type wifi_efs_file, file_type;
|
type wifi_efs_file, file_type;
|
||||||
|
@ -26,6 +26,7 @@
|
|||||||
/(vendor|system/vendor)/bin/hw/android\.hardware\.audio\.service\.samsung8974 u:object_r:hal_audio_default_exec:s0
|
/(vendor|system/vendor)/bin/hw/android\.hardware\.audio\.service\.samsung8974 u:object_r:hal_audio_default_exec:s0
|
||||||
/(vendor|system/vendor)/bin/hw/android\.hardware\.gatekeeper@1\.0-service\.software u:object_r:hal_gatekeeper_default_exec:s0
|
/(vendor|system/vendor)/bin/hw/android\.hardware\.gatekeeper@1\.0-service\.software u:object_r:hal_gatekeeper_default_exec:s0
|
||||||
/(vendor|system/vendor)/bin/hw/android\.hardware\.ir@1\.0-service\.samsung u:object_r:hal_ir_default_exec:s0
|
/(vendor|system/vendor)/bin/hw/android\.hardware\.ir@1\.0-service\.samsung u:object_r:hal_ir_default_exec:s0
|
||||||
|
/(vendor|system/vendor)/bin/hw/android\.hardware\.health-service\.samsung u:object_r:hal_health_default_exec:s0
|
||||||
/(vendor|system/vendor)/bin/hw/android\.hardware\.light@2\.0-service\.samsung u:object_r:hal_light_default_exec:s0
|
/(vendor|system/vendor)/bin/hw/android\.hardware\.light@2\.0-service\.samsung u:object_r:hal_light_default_exec:s0
|
||||||
/(vendor|system/vendor)/bin/hw/android\.hardware\.sensors@1\.0-service.samsung8974 u:object_r:hal_sensors_default_exec:s0
|
/(vendor|system/vendor)/bin/hw/android\.hardware\.sensors@1\.0-service.samsung8974 u:object_r:hal_sensors_default_exec:s0
|
||||||
/(vendor|system/vendor)/bin/hw/vendor\.lineage\.livedisplay@2\.0-service\.samsung-qcom u:object_r:hal_lineage_livedisplay_sysfs_exec:s0
|
/(vendor|system/vendor)/bin/hw/vendor\.lineage\.livedisplay@2\.0-service\.samsung-qcom u:object_r:hal_lineage_livedisplay_sysfs_exec:s0
|
||||||
|
@ -1,2 +1,10 @@
|
|||||||
|
binder_call(init, servicemanager)
|
||||||
|
binder_call(init, system_server)
|
||||||
|
|
||||||
|
allow init init:capability2 { block_suspend };
|
||||||
allow init efs_file:dir mounton;
|
allow init efs_file:dir mounton;
|
||||||
|
allow init hal_health_service:service_manager { add };
|
||||||
allow init proc_last_kmsg:file { r_file_perms setattr };
|
allow init proc_last_kmsg:file { r_file_perms setattr };
|
||||||
|
allow init init:netlink_kobject_uevent_socket { create setopt getopt bind read };
|
||||||
|
allow init sysfs:file w_file_perms;
|
||||||
|
allow init sysfs_batteryinfo:file { open };
|
1
sepolicy/common/surfaceflinger.te
Normal file
1
sepolicy/common/surfaceflinger.te
Normal file
@ -0,0 +1 @@
|
|||||||
|
get_prop(surfaceflinger, vendor_default_prop)
|
@ -9,6 +9,7 @@ allow system_server {
|
|||||||
}:file r_file_perms;
|
}:file r_file_perms;
|
||||||
|
|
||||||
allow system_server proc_last_kmsg:file r_file_perms;
|
allow system_server proc_last_kmsg:file r_file_perms;
|
||||||
|
allow system_server system_file:file { ioctl };
|
||||||
|
|
||||||
get_prop(system_server, exported_camera_prop);
|
get_prop(system_server, exported_camera_prop);
|
||||||
get_prop(system_server, userspace_reboot_config_prop);
|
get_prop(system_server, userspace_reboot_config_prop);
|
||||||
|
@ -1 +1,2 @@
|
|||||||
|
get_prop(ueventd, proc)
|
||||||
allow ueventd self:capability sys_nice;
|
allow ueventd self:capability sys_nice;
|
||||||
|
Loading…
Reference in New Issue
Block a user