diff options
author | forkbomb <keepcalm444@gmail.com> | 2015-11-27 23:53:05 +1100 |
---|---|---|
committer | Simon Shields <keepcalm444@gmail.com> | 2015-12-11 10:57:35 +1100 |
commit | 8d8ac23e55c865ce1d8f245f4ddea27792667688 (patch) | |
tree | bf3ed5619df7484368b9db623e83b94847e7e942 /selinux/cpboot-daemon.te | |
parent | 808d0b578511aac96a32101c3df523e6fed5b0d8 (diff) | |
download | device_samsung_i9300-8d8ac23e55c865ce1d8f245f4ddea27792667688.zip device_samsung_i9300-8d8ac23e55c865ce1d8f245f4ddea27792667688.tar.gz device_samsung_i9300-8d8ac23e55c865ce1d8f245f4ddea27792667688.tar.bz2 |
i9300: M sepolicy bringup
GPS fixes taken from grouper:
https://github.com/CyanogenMod/android_device_asus_grouper/commit/9651b24fb481bf0fc1db3b1d700033cf66eb067e
and
https://github.com/CyanogenMod/android_device_asus_grouper/commit/f5592571d581478622f0fc3f86fbbddf20cf89c7
Change-Id: I7ec658691c65c3b6c087ee41ba69f2cb37ade525
Diffstat (limited to 'selinux/cpboot-daemon.te')
-rw-r--r-- | selinux/cpboot-daemon.te | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/selinux/cpboot-daemon.te b/selinux/cpboot-daemon.te new file mode 100644 index 0000000..9974ff2 --- /dev/null +++ b/selinux/cpboot-daemon.te @@ -0,0 +1,25 @@ +type cpboot-daemon, domain; + +permissive cpboot-daemon; + +allow cpboot-daemon cgroup:dir { create add_name }; +allow cpboot-daemon device:dir { write remove_name add_name }; +allow cpboot-daemon efs_block_device:blk_file { read open }; +allow cpboot-daemon efs_device_file:dir search; +allow cpboot-daemon efs_file:file { read write open }; +allow cpboot-daemon init:unix_stream_socket connectto; +allow cpboot-daemon log_device:chr_file { write open }; +allow cpboot-daemon log_device:dir search; +allow cpboot-daemon property_socket:sock_file write; +allow cpboot-daemon radio_device:chr_file { read write ioctl open }; +allow cpboot-daemon radio_prop:property_service set; +allow cpboot-daemon self:capability { setuid }; +allow cpboot-daemon sysfs_radio:file { read write open }; +allow cpboot-daemon usbfs:dir search; +allow cpboot-daemon self:capability dac_override; +allow cpboot-daemon cbd_device:chr_file create_file_perms; + +# FIX ME +# allow cpboot-daemon usbfs:filesystem mount; +# allow cpboot-daemon self:capability { mknod }; + |