AetherDroid/android_device_samsung_universal7570-common
1
0
Fork 0
mirror of https://github.com/AetherDroid/android_device_samsung_universal7570-common.git synced 2025-09-08 01:08:05 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

universal7570: sepolicy: Update for exynos 7570

Browse source 
* I still don't know how to import these from stock
* So I 'kang' from https://github.com/Yilliee/android_device_samsung_on5xelte , hehe

Change-Id: I093d4b91602f1b26750f41bd9b9c056e707dd12d
This commit is contained in:
Hendra Manudinata 2021-03-09 09:10:57 +07:00
parent 926337f331
commit 602b4e4005
No known key found for this signature in database
GPG key ID: 8DB7A83A9B4EE2D6
53 changed files with 58 additions and 1095 deletions
Download patch file Download diff file Expand all files Collapse all files

51
sepolicy/cpboot-daemon.te
View file

@ -1,51 +0,0 @@
# modem daemon sec label
type cpboot-daemon, domain;
type cpboot-daemon_exec, exec_type, file_type, vendor_file_type;
net_domain(cpboot-daemon)
init_daemon_domain(cpboot-daemon)
wakelock_use(cpboot-daemon)
set_prop(cpboot-daemon, modemloader_prop)
allow cpboot-daemon self:capability { setuid setgid };
# FIXME neverallow rule
# allow cpboot-daemon self:capability mknod;
allow cpboot-daemon kernel:system syslog_read;
allow cpboot-daemon cgroup:dir create_dir_perms;
# /dev/log/*
#allow cpboot-daemon log_device:dir r_dir_perms;
#allow cpboot-daemon log_device:chr_file rw_file_perms;
# /dev/kmsg (write to kernel log)
allow cpboot-daemon kmsg_device:chr_file rw_file_perms;
# /dev/umts_boot0
allow cpboot-daemon mif_device:chr_file rw_file_perms;
# /dev/mbin0
allow cpboot-daemon emmcblk_device:blk_file r_file_perms;
# /dev/spi_boot_link
allow cpboot-daemon radio_device:chr_file rw_file_perms;
# /dev/block/mmcblk0p13
allow cpboot-daemon block_device:dir r_dir_perms;
allow cpboot-daemon radio_block_device:blk_file r_file_perms;
# /dev/mipi-lli/lli_control
allow cpboot-daemon sysfs_mipi:file rw_file_perms;
# /efs
allow cpboot-daemon efs_file:dir r_dir_perms;
# /efs/nv_data.bin
allow cpboot-daemon bin_nv_data_efs_file:file rw_file_perms;
allow cpboot-daemon efs_file:file rw_file_perms;
# /proc permissions
allow cpboot-daemon proc_cmdline:file r_file_perms;
allow cpboot-daemon proc_dt_firmware:dir search;
allow cpboot-daemon proc_dt_firmware:file { open read };
# set properties on boot
set_prop(cpboot-daemon, cpboot-daemon_prop)
set_prop(cpboot-daemon, radio_prop)
set_prop(cpboot-daemon, system_prop)