king
/
v811_spc009
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8f4c154c05'
${ noResults }
v811_spc009/device/mediatek/wembley-sepolicy/non_plat/vendor_init.te

91 lines
3.3 KiB
Raw Normal View History Unescape

v811_spc009_project
4 months ago
# ==============================================
# MTK Policy Rule
# ==============================================
set_prop(vendor_init, vendor_mtk_mediatek_prop)
set_prop(vendor_init, vendor_mtk_md_version_prop)
set_prop(vendor_init, vendor_mtk_volte_prop)
set_prop(vendor_init, vendor_mtk_radio_prop)
set_prop(vendor_init, vendor_mtk_ril_mode_prop)
set_prop(vendor_init, vendor_mtk_wmt_prop)
set_prop(vendor_init, vendor_mtk_coredump_prop)
allow vendor_init proc_wmtdbg:file w_file_perms;
allow vendor_init proc_cpufreq:file w_file_perms;
allow vendor_init proc_bootprof:file write;
allow vendor_init proc_pl_lk:file w_file_perms;
allow vendor_init rootfs:dir { write add_name setattr };
allow vendor_init self:capability sys_module;
allow vendor_init tmpfs:dir { write create add_name };
allow vendor_init unlabeled:dir { relabelfrom getattr setattr search };
allow vendor_init vendor_file:system module_load;
allow vendor_init kmsg_device:chr_file unlink;
set_prop(vendor_init, system_mtk_persist_mtk_aee_prop)
set_prop(vendor_init, vendor_mtk_ro_aee_prop)
set_prop(vendor_init, vendor_mtk_sensor_prop)
set_prop(vendor_init, vendor_mtk_usb_prop)
set_prop(vendor_init, vendor_mtk_ct_volte_prop)
set_prop(vendor_init, vendor_mtk_gps_support_prop)
set_prop(vendor_init, vendor_mtk_rat_config_prop)
set_prop(vendor_init, vendor_mtk_tel_switch_prop)
set_prop(vendor_init, vendor_mtk_aal_ro_prop)
set_prop(vendor_init, vendor_mtk_pq_ro_prop)
set_prop(vendor_init, vendor_mtk_default_prop)
set_prop(vendor_init, vendor_mtk_nn_option_prop)
set_prop(vendor_init, vendor_mtk_emmc_support_prop)
set_prop(vendor_init, vendor_mtk_anr_support_prop)
set_prop(vendor_init, vendor_mtk_antutu_prop)
set_prop(vendor_init, vendor_mtk_bt_sap_enable_prop)
# allow create symbolic link, /mnt/sdcard, for meta/factory mode
allow vendor_init tmpfs:lnk_file create;
set_prop(vendor_init, vendor_mtk_cxp_vendor_prop)
# Run "ifup lo" to bring up the localhost interface
allow vendor_init proc_hostname:file w_file_perms;
allow vendor_init self:udp_socket { create ioctl };
# in addition to unpriv ioctls granted to all domains, init also needs:
allowxperm vendor_init self:udp_socket ioctl { SIOCSIFFLAGS };
allow vendor_init self:global_capability_class_set net_raw;
# enhance boot time
allow vendor_init proc_perfmgr:file write;
# allow create symbolic link, /mnt/sdcard, for meta/factory mode
allow vendor_init tmpfs:lnk_file create;
set_prop(vendor_init, vendor_mtk_appresolutiontuner_prop)
# fullscreen switch
set_prop(vendor_init, vendor_mtk_fullscreenswitch_prop)
# for kernel module verification support, allow vendor domain to search kernel keyring
allow vendor_init kernel:key search;
# Purpose: /dev/block/mmcblk0p10
allow vendor_init expdb_block_device:blk_file rw_file_perms;
set_prop(vendor_init, vendor_mtk_wifi_hotspot_prop)
set_prop(vendor_init, vendor_mtk_persist_aeev_prop)
set_prop(vendor_init, vendor_mtk_powerhal_prop)
# mmstat tracer
allow vendor_init debugfs_tracing_instances:dir create_dir_perms;
allow vendor_init debugfs_tracing_instances:file w_file_perms;
#boot tracer
allow vendor_init debugfs_tracing_debug:file w_file_perms;
# Date : 2019/11/21
# Operation: SQC
# Purpose : Allow vendor_init to control MCDI
allow vendor_init proc_cpuidle:file rw_file_perms;
# Date : 2020/07/08
# Purpose: add permission for /proc/sys/vm/swappiness
allow vendor_init proc_swappiness:file w_file_perms;