universal7870: update sepolicy (wip)

sepolicy/macloader.te

@@ -0,0 +1,30 @@
+#### macloader
+#
+type macloader, domain, coredomain;
+type macloader_exec, exec_type, file_type, system_file_type;
+
+init_daemon_domain(macloader)
+
+allow macloader self:capability { chown fowner fsetid };
+allow macloader self:process execmem;
+
+# Write into /data
+allow macloader system_data_file:dir { add_name search write };
+allow macloader system_file:file execute_no_trans;
+
+# /data/.cid.info
+# Automatically label files created in /data/ as wifi_data_file
+file_type_auto_trans(macloader, system_data_file, wifi_data_file)
+
+allow macloader wifi_data_file:dir create_dir_perms;
+allow macloader wifi_data_file:file { create_file_perms getattr setattr };
+
+# /sys/module/dhd/parameters/nvram_path
+allow macloader sysfs:file rw_file_perms;
+
+# /efs
+allow macloader efs_file:dir r_dir_perms;
+
+# /efs/wifi/.mac.info
+allow macloader wifi_efs_file:dir r_dir_perms;
+allow macloader wifi_efs_file:file r_file_perms;