Commit 94afc568 authored by d0n (d0n@d0nmachine)'s avatar d0n (d0n@d0nmachine)
Browse files

{'modified': ['sepolicy/attributes', 'sepolicy/cameraserver.te',... 

{'modified': ['sepolicy/attributes', 'sepolicy/cameraserver.te', 'sepolicy/ccci_fsd.te', 'sepolicy/ccci_mdinit.te', 'sepolicy/device.te', 'sepolicy/em_svr.te', 'sepolicy/etsd.te', 'sepolicy/file.te', 'sepolicy/file_contexts', 'sepolicy/fuelgauged.te', 'sepolicy/ged_srv.te', 'sepolicy/genfs_contexts', 'sepolicy/gsm0710muxd.te', 'sepolicy/kernel.te', 'sepolicy/md_ctrl.te', 'sepolicy/mediacodec.te', 'sepolicy/mediaserver.te', 'sepolicy/memsicd3416x.te', 'sepolicy/mnld.te', 'sepolicy/msensord.te', 'sepolicy/muxreport.te', 'sepolicy/mxg2320d.te', 'sepolicy/nvram_daemon.te', 'sepolicy/platform_app.te', 'sepolicy/pq.te', 'sepolicy/property.te', 'sepolicy/property_contexts', 'sepolicy/qmc6983d.te', 'sepolicy/radio.te', 'sepolicy/ril-daemon-mtk.te', 'sepolicy/service.te', 'sepolicy/service_contexts', 'sepolicy/spm_loader.te', 'sepolicy/surfaceflinger.te', 'sepolicy/system_app.te', 'sepolicy/system_server.te', 'sepolicy/thermal_manager.te', 'sepolicy/untrusted_app.te', 'sepolicy/vold.te', 'sepolicy/wmt_loader.te']} cm-14.1

Change-Id: Ic046822b5d60b7481b52af09655f8980e2275c71
parent e96cdb44

sepolicy/attributes

+0 −5
Original line number Diff line number Diff line 
attribute mtk_property_type;
 


# PQ

attribute hal_pq;

attribute hal_pq_client;

attribute hal_pq_server;

sepolicy/cameraserver.te

+21 −1
Original line number Diff line number Diff line 
allow cameraserver proc_ged:file r_file_perms;
 
# nvram

allow cameraserver nvdata_file:dir rw_dir_perms;

allow cameraserver nvdata_file:file create_file_perms;

allow cameraserver ccci_device:chr_file rw_file_perms;



# camera

allow cameraserver sensorservice_service:service_manager find;

allow cameraserver system_server:unix_stream_socket { read write };

allow cameraserver camera_device:chr_file rw_file_perms;

allow cameraserver mtk_smi_device:chr_file rw_file_perms;

allow cameraserver proc:file { read ioctl open };

allow cameraserver devmap_device:chr_file r_file_perms;

allow cameraserver devmap_device:chr_file { ioctl };

allow cameraserver sysfs_devinfo:file rw_file_perms;

allow cameraserver sysfs_membw:file rw_file_perms;

allow cameraserver proc_meminfo:file { open read getattr };

allow cameraserver sysfs_boot_mode:file r_file_perms;

allow cameraserver sysfs_ddr_type:file r_file_perms;



# PQ

allow cameraserver pq_service:service_manager find;

sepolicy/ccci_fsd.te

+2 −3
Original line number Diff line number Diff line 
type ccci_fsd_exec, exec_type, file_type;

type ccci_fsd, domain;

type ccci_fsd, domain, domain_deprecated;



init_daemon_domain(ccci_fsd)
@@ -15,5 +15,4 @@ allow ccci_fsd protect_s_data_file:dir create_dir_perms; 
allow ccci_fsd protect_s_data_file:file create_file_perms;

allow ccci_fsd sysfs_ccci:file rw_file_perms;

allow ccci_fsd sysfs_ccci:dir search;



wakelock_use(ccci_fsd)
 
allow ccci_fsd sysfs_wake_lock:file rw_file_perms;

sepolicy/ccci_mdinit.te

+15 −8
Original line number Diff line number Diff line 
type ccci_mdinit_exec, exec_type, file_type;

type ccci_mdinit, domain;

type ccci_mdinit, domain, domain_deprecated;



init_daemon_domain(ccci_mdinit)
@@ -9,14 +9,21 @@ allow ccci_mdinit ccci_cfg_file:file create_file_perms; 
allow ccci_mdinit nvdata_file:dir rw_dir_perms;

allow ccci_mdinit nvdata_file:file create_file_perms;

allow ccci_mdinit nvdata_file:lnk_file r_file_perms;

allow ccci_mdinit sysfs_boot_mode:file r_file_perms;

allow ccci_mdinit sysfs_ccci:dir search;

allow ccci_mdinit sysfs_ccci:file rw_file_perms;

allow ccci_mdinit sysfs_wake_lock:file rw_file_perms;

allow ccci_mdinit sysfs_devinfo:file r_file_perms;



set_prop(ccci_mdinit, mtk_md_prop)

set_prop(ccci_mdinit, ctl_ccci_fsd_prop)

set_prop(ccci_mdinit, ctl_gsm0710muxd_prop)

set_prop(ccci_mdinit, ctl_rildaemon_prop)

set_prop(ccci_mdinit, radio_prop)

set_prop(ccci_mdinit, ril_mux_report_case_prop)
 
allow ccci_mdinit nvram_device:blk_file rw_file_perms;

allow ccci_mdinit mtk_md_prop:property_service set;



allow ccci_mdinit ctl_ccci_fsd_prop:property_service set;

allow ccci_mdinit ctl_gsm0710muxd_prop:property_service set;

allow ccci_mdinit ctl_rildaemon_prop:property_service set;

allow ccci_mdinit radio_prop:property_service set;

allow ccci_mdinit ril_mux_report_case_prop:property_service set;



allow ccci_mdinit mdlog_data_file:file r_file_perms;

allow ccci_mdinit mdlog_data_file:dir r_dir_perms;



unix_socket_connect(ccci_mdinit, property, init)

sepolicy/device.te

+4 −10
Original line number Diff line number Diff line
@@ -7,6 +7,7 @@ type hwmsensor_device, dev_type; 
type wmtWifi_device, dev_type;

type wmtdetect_device, dev_type;

type gsm0710muxd_device, dev_type;

type mdlog_device, dev_type;

type pmic_adc_device, dev_type;



# Sensors
@@ -23,10 +24,6 @@ type fm_device, dev_type; 
type Vcodec_device, dev_type;

type M4U_device_device, dev_type;

type mtk_smi_device, dev_type;

type ebc_device, dev_type;



# GPS

type gps_device, dev_type;



# SPM

type spm_device, dev_type;
@@ -41,15 +38,12 @@ type madev0_device, dev_type; 
# IR

type irtx_device, dev_type;



# Trustzone

type tkcore_device, dev_type;



# CMDQ

type cmdq_device, dev_type;



# Block devices

type proinfo_device, dev_type;

type nvram_device, dev_type;

type nvdata_device, dev_type;

type protect1_device, dev_type;

type protect2_device, dev_type;

type logo_block_device, dev_type;

type para_block_device, dev_type;

type mmc_device, dev_type;