mirror of
https://github.com/AetherDroid/android_device_samsung_universal7570-common.git
synced 2025-10-29 15:28:51 +01:00
universal7870: update sepolicy (wip)
This commit is contained in:
Astrako
Alejandro
parent
841f56ecbf
commit
4cd64b76bd
46 changed files with 515 additions and 184 deletions
|
|
@ -1,37 +1,43 @@
|
|||
# gps daemon sec label
|
||||
type gpsd, domain;
|
||||
type gpsd_exec, exec_type, file_type;
|
||||
type gpsd, domain, coredomain;
|
||||
type gpsd_exec, exec_type, file_type, system_file_type;
|
||||
|
||||
init_daemon_domain(gpsd)
|
||||
wakelock_use(gpsd)
|
||||
init_daemon_domain(gpsd);
|
||||
|
||||
# Automatically label files created in /data/system/gps as gps_data_file
|
||||
file_type_auto_trans(gpsd, system_data_file, gps_data_file)
|
||||
|
||||
# Allow rild to connect to gpsd
|
||||
# Allow rild and netd to connect to gpsd
|
||||
unix_socket_connect(gpsd, property, rild)
|
||||
unix_socket_connect(gpsd, property, netd)
|
||||
|
||||
allow gpsd system_server:unix_stream_socket { read write setopt };
|
||||
|
||||
binder_call(gpsd, system_server)
|
||||
binder_use(gpsd)
|
||||
|
||||
# Sockets
|
||||
type_transition gpsd gps_data_file:sock_file gps_socket;
|
||||
|
||||
allow gpsd dnsproxyd_socket:sock_file write;
|
||||
allow gpsd fwmarkd_socket:sock_file write;
|
||||
allow gpsd gps_socket:sock_file create_file_perms;
|
||||
allow gpsd self:udp_socket { create bind connect read setopt write };
|
||||
|
||||
# sysfs_gps
|
||||
allow gpsd system_file:dir { open read getattr };
|
||||
allow gpsd sysfs_gps:file { open read getattr };
|
||||
|
||||
# /dev/ttySAC0
|
||||
allow gpsd bluetooth_device:chr_file { getattr setattr rw_file_perms };
|
||||
allow gpsd gps_device:chr_file { getattr setattr rw_file_perms };
|
||||
allow gpsd gps_data_file:dir { search write add_name remove_name };
|
||||
allow gpsd gps_data_file:file { create rw_file_perms };
|
||||
allow gpsd gps_data_file:dir { search write add_name remove_name rw_dir_perms };
|
||||
allow gpsd gps_data_file:fifo_file { unlink create setattr getattr rw_file_perms };
|
||||
|
||||
allow gpsd sysfs_wake_lock:file rw_file_perms;
|
||||
|
||||
allow gpsd sysfs:file { open read getattr };
|
||||
|
||||
allow gpsd dnsproxyd_socket:sock_file write;
|
||||
allow gpsd fwmarkd_socket:sock_file write;
|
||||
allow gpsd netd:unix_stream_socket connectto;
|
||||
allow gpsd self:udp_socket { connect create read setopt write };
|
||||
allow gpsd sensorservice_service:service_manager { find };
|
||||
|
||||
# /dev/umts_boot0
|
||||
allow gpsd mif_device:chr_file r_file_perms;
|
||||
allow gpsd shell_exec:file { execute execute_no_trans getattr open read };
|
||||
allow gpsd toolbox_exec:file { execute execute_no_trans getattr open read };
|
||||
|
||||
allow gpsd shell_exec:file execute;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue