sanders: update to sepolicy
Signed-off-by: ronaxdevil <pratabidya.007@gmail.com>
This commit is contained in:
ronaxdevil
2
sepolicy/vendor/cameraserver.te
vendored
2
sepolicy/vendor/cameraserver.te
vendored
@@ -25,7 +25,7 @@ allow cameraserver media_rw_data_file:file { create read write open };
|
||||
allow cameraserver cameraserver:process { execmem };
|
||||
|
||||
####
|
||||
allow cameraserver debug_prop:file { r_file_perms };
|
||||
#allow cameraserver debug_prop:file { r_file_perms };
|
||||
allow cameraserver debug_prop:property_service set;
|
||||
|
||||
#######
|
||||
|
||||
2
sepolicy/vendor/fingerprintd.te
vendored
2
sepolicy/vendor/fingerprintd.te
vendored
@@ -8,5 +8,5 @@ allow fingerprintd sysfs_mmi_fp:file rw_file_perms;
|
||||
allow fingerprintd system_data_file:sock_file unlink;
|
||||
allow fingerprintd sysfs_fpc:dir r_dir_perms;
|
||||
allow fingerprintd sysfs_fpc:file rw_file_perms;
|
||||
allow fingerprintd tee_device:chr_file { ioctl open read write };
|
||||
#allow fingerprintd tee_device:chr_file { ioctl open read write };
|
||||
allow fingerprintd uhid_device:chr_file rw_file_perms;
|
||||
|
||||
8
sepolicy/vendor/hal_camera_default.te
vendored
8
sepolicy/vendor/hal_camera_default.te
vendored
@@ -1,4 +1,4 @@
|
||||
allow hal_camera_default gpu_device:dir r_dir_perms;
|
||||
allow hal_camera_default gpu_device:file r_file_perms;
|
||||
allow hal_camera_default hal_configstore_ISurfaceFlingerConfigs:hwservice_manager find;
|
||||
allow hal_camera_default hal_configstore_default:binder call;
|
||||
#allow hal_camera_default gpu_device:dir r_dir_perms;
|
||||
#allow hal_camera_default gpu_device:file r_file_perms;
|
||||
#allow hal_camera_default hal_configstore_ISurfaceFlingerConfigs:hwservice_manager find;
|
||||
#allow hal_camera_default hal_configstore_default:binder call;
|
||||
|
||||
6
sepolicy/vendor/init.te
vendored
6
sepolicy/vendor/init.te
vendored
@@ -12,7 +12,7 @@ allow init system_data_file:file lock;
|
||||
allow init audio_device:chr_file { write ioctl };
|
||||
allow init input_device:chr_file rw_file_perms;
|
||||
allow init sensors_device:chr_file { write ioctl };
|
||||
allow init tee_device:chr_file { write ioctl };
|
||||
#allow init tee_device:chr_file { write ioctl };
|
||||
|
||||
allow init servicemanager:binder { transfer call };
|
||||
allow init system_server:binder { transfer call };
|
||||
@@ -44,9 +44,9 @@ allow init self:netlink_route_socket { bind create getopt nlmsg_read read setopt
|
||||
|
||||
allow init self:capability2 { block_suspend };
|
||||
|
||||
allow init hal_sensors_hwservice:hwservice_manager find;
|
||||
#allow init hal_sensors_hwservice:hwservice_manager find;
|
||||
|
||||
allow init { domain -lmkd -crash_dump }:process noatsecure;
|
||||
#allow init { domain -lmkd -crash_dump }:process noatsecure;
|
||||
|
||||
#allow init hal_perf_hwservice:hwservice_manager find;
|
||||
allow init hidl_base_hwservice:hwservice_manager add;
|
||||
|
||||
2
sepolicy/vendor/radio.te
vendored
2
sepolicy/vendor/radio.te
vendored
@@ -1,3 +1,3 @@
|
||||
allow radio system_app_data_file:dir getattr;
|
||||
#allow radio qmuxd_socket:sock_file write;
|
||||
allow radio vendor_file:file { getattr open read };
|
||||
#allow radio vendor_file:file { getattr open read };
|
||||
|
||||
2
sepolicy/vendor/system_server.te
vendored
2
sepolicy/vendor/system_server.te
vendored
@@ -12,7 +12,7 @@ allow system_server init:unix_stream_socket write;
|
||||
|
||||
allow system_server sensors_device:chr_file { ioctl open read };
|
||||
|
||||
allow system_server vendor_file:file { getattr read };
|
||||
#allow system_server vendor_file:file { getattr read };
|
||||
|
||||
allow system_server sysfs:file getattr;
|
||||
allow system_server thermal_service:service_manager find;
|
||||
|
||||
Reference in New Issue
Block a user