Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sepolicy #14

Open
DrRamm opened this issue Dec 28, 2017 · 0 comments
Open

Sepolicy #14

DrRamm opened this issue Dec 28, 2017 · 0 comments

Comments

@DrRamm
Copy link
Member

DrRamm commented Dec 28, 2017

allow audioserver debugfs:file open;
allow audioserver debugfs:file write;
allow bootanim debugfs:file open;
allow bootanim debugfs:file write;
allow bootstat sysfs:file getattr;
allow bootstat sysfs:file open;
allow bootstat sysfs:file read;
allow cameraserver debugfs:file open;
allow cameraserver debugfs:file write;
allow charger_monitor sysfs:file getattr;
allow charger_monitor sysfs:file read;
allow charger_monitor sysfs_spmi_dev:dir open;
allow charger_monitor sysfs_spmi_dev:dir read;
allow firmware_file rootfs:filesystem associate;
allow hal_drm_default debugfs:file open;
allow hal_drm_default debugfs:file write;
allow hal_graphics_allocator_default debugfs:file open;
allow hal_graphics_allocator_default debugfs:file write;
allow hal_graphics_allocator_default sysfs:file getattr;
allow hal_graphics_allocator_default sysfs:file open;
allow hal_graphics_allocator_default sysfs:file read;
allow hal_memtrack_default debugfs:file open;
allow hal_memtrack_default debugfs:file write;
allow hal_memtrack_default sysfs:file getattr;
allow hal_memtrack_default sysfs:file open;
allow hal_memtrack_default sysfs:file read;
allow hal_usb_default debugfs:file open;
allow hal_usb_default debugfs:file write;
allow hal_wifi_default debugfs:file open;
allow hal_wifi_default debugfs:file write;
allow hal_wifi_default sysfs:file write;
allow healthd debugfs:file open;
allow healthd debugfs:file write;
allow hwservicemanager debugfs:file open;
allow hwservicemanager debugfs:file write;
allow hwservicemanager sysfs:file getattr;
allow hwservicemanager sysfs:file open;
allow hwservicemanager sysfs:file read;
allow idmap sysfs:file getattr;
allow idmap sysfs:file open;
allow idmap sysfs:file read;
allow init btnvtool_exec:file execute_no_trans;
allow init debugfs:file write;
allow init firmware_file:dir create;
allow init rootfs:file execute_no_trans;
allow init shell_exec:file execute_no_trans;
allow init vfat:dir mounton;
allow installd debugfs:file open;
allow installd debugfs:file write;
allow keystore debugfs:file open;
allow keystore debugfs:file write;
allow lmkd sysfs:file write;
allow logd sysfs:file getattr;
allow logd sysfs:file open;
allow logd sysfs:file read;
allow mediacodec sysfs:file getattr;
allow mediacodec sysfs:file open;
allow mediacodec sysfs:file read;
allow mediaextractor sysfs:file getattr;
allow mediaextractor sysfs:file open;
allow mediaextractor sysfs:file read;
allow mediametrics sysfs:file getattr;
allow mediametrics sysfs:file open;
allow mediametrics sysfs:file read;
allow mm-pp-daemon sysfs:file getattr;
allow mm-pp-daemon sysfs:file open;
allow mm-pp-daemon sysfs:file read;
allow mm-pp-daemon system_prop:property_service set;
allow mpdecision sysfs:file getattr;
allow mpdecision sysfs:file read;
allow mpdecision system_data_file:dir add_name;
allow mpdecision system_data_file:dir remove_name;
allow mpdecision system_data_file:dir write;
allow mpdecision system_data_file:sock_file create;
allow mpdecision system_data_file:sock_file unlink;
allow mpdecision system_data_file:sock_file write;
allow netd debugfs:file open;
allow netd debugfs:file write;
allow qti_init_shell shell_exec:file getattr;
allow qti_init_shell shell_exec:file read;
allow qti_init_shell sysfs:file write;
allow qti_init_shell system_data_file:file getattr;
allow qti_init_shell system_data_file:file unlink;
allow qti_init_shell system_data_file:file write;
allow qti_init_shell toolbox_exec:file execute;
allow qti_init_shell toolbox_exec:file execute_no_trans;
allow qti_init_shell toolbox_exec:file getattr;
allow qti_init_shell toolbox_exec:file open;
allow qti_init_shell toolbox_exec:file read;
allow servicemanager qti_init_shell:dir search;
allow servicemanager qti_init_shell:file open;
allow servicemanager qti_init_shell:file read;
allow servicemanager qti_init_shell:process getattr;
allow servicemanager sysfs:file getattr;
allow servicemanager sysfs:file open;
allow servicemanager sysfs:file read;
allow shell kernel:system syslog_read;
allow shell sysfs:file getattr;
allow shell sysfs:file open;
allow shell sysfs:file read;
allow storaged debugfs:file read;
allow system_server alarm_boot_prop:file getattr;
allow system_server alarm_boot_prop:file open;
allow system_server alarm_boot_prop:file read;
allow system_server mpdecision:unix_stream_socket connectto;
allow system_server qti_init_shell:binder call;
allow toolbox ctl_default_prop:property_service set;
allow toolbox init:fifo_file getattr;
allow toolbox init:fifo_file write;
allow toolbox init:unix_stream_socket connectto;
allow toolbox property_socket:sock_file write;
allow toolbox sensors_prop:property_service set;
allow toolbox sf_lcd_density_prop:property_service set;
allow toolbox sysfs:file getattr;
allow toolbox sysfs:file open;
allow toolbox sysfs:file read;
allow toolbox sysfs:file setattr;
allow toolbox sysfs_battery_supply:dir search;
allow toolbox sysfs_battery_supply:file getattr;
allow toolbox sysfs_battery_supply:file setattr;
allow toolbox sysfs_graphics:file getattr;
allow toolbox sysfs_graphics:file open;
allow toolbox sysfs_graphics:file read;
allow toolbox sysfs_graphics:file setattr;
allow toolbox sysfs_spmi_dev:dir search;
allow toolbox system_prop:property_service set;
allow toolbox toolbox:capability chown;
allow toolbox toolbox:capability dac_override;
allow toolbox toolbox:capability fowner;
allow toolbox toolbox:capability fsetid;
allow toolbox usf_data_file:file getattr;
allow toolbox usf_data_file:file setattr;
allow tzdatacheck sysfs:file getattr;
allow tzdatacheck sysfs:file open;
allow tzdatacheck sysfs:file read;
allow vdc sysfs:file getattr;
allow vdc sysfs:file open;
allow vdc sysfs:file read;
allow vndservicemanager sysfs:file getattr;
allow vndservicemanager sysfs:file open;
allow vndservicemanager sysfs:file read;
allow webview_zygote debugfs:file open;
allow webview_zygote debugfs:file write;
allow webview_zygote sysfs:file getattr;
allow webview_zygote sysfs:file open;
allow webview_zygote sysfs:file read;
allow zygote debugfs:file getattr;
allow zygote debugfs:file open;
allow zygote debugfs:file write;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@DrRamm