diff options
author | RGIB <gibellini.roberto@gmail.com> | 2016-04-04 16:23:21 +0200 |
---|---|---|
committer | Roberto Gibellini <gibellini.roberto@gmail.com> | 2016-04-05 14:32:20 -0700 |
commit | db70d22263602fb90fffdfa277eff287c3fee757 (patch) | |
tree | a1aca3140c3d7e44959e7567bf9a7304ad116838 /selinux/rild.te | |
parent | f29e5e4bf0661a744456580ec17033170eee4aa5 (diff) | |
download | device_samsung_kona-common-db70d22263602fb90fffdfa277eff287c3fee757.zip device_samsung_kona-common-db70d22263602fb90fffdfa277eff287c3fee757.tar.gz device_samsung_kona-common-db70d22263602fb90fffdfa277eff287c3fee757.tar.bz2 |
kona : MM sepolicy
Change-Id: Ib7816ea15871cc75d8cd68a5d0cbcf5e6fe66c18
Diffstat (limited to 'selinux/rild.te')
-rw-r--r--[-rwxr-xr-x] | selinux/rild.te | 39 |
1 files changed, 8 insertions, 31 deletions
diff --git a/selinux/rild.te b/selinux/rild.te index f022c36..0f2f6dc 100755..100644 --- a/selinux/rild.te +++ b/selinux/rild.te @@ -1,31 +1,8 @@ -## RIL -allow rild radio_device:chr_file rw_file_perms; -allow rild { efs_file }:file rw_file_perms; -allow rild self:netlink_socket { create bind read write }; -allow rild self:netlink_route_socket { write }; -allow rild rild:process { execmem }; - -# Talk to qmuxd -qmux_socket(rild) - -# Allow logging diagnostic items -allow rild diagnostic_device:chr_file rw_file_perms; - -# XXX label with own type? -allow rild sysfs:file { read open write getattr }; - -allow rild ril_device:chr_file { read write ioctl open }; -allow rild radio_data_file:dir setattr; -allow rild self:capability dac_override; -allow rild unlabeled:dir search; -allow rild unlabeled:file { read getattr open setattr }; -allow rild dumpstate_exec:file getattr; -allow rild system_data_file:dir write; -allow rild unlabeled:file write; -allow rild log_device:chr_file { write open }; -allow rild proc_net:file { write }; -allow rild init:dir search; -allow rild init:file { read getattr open }; -allow rild init:unix_stream_socket { listen write getopt read accept }; -allow rild system_data_file:dir { remove_name add_name setattr }; -allow rild devpts:chr_file ioctl; +allow rild at_distributor:dir search; +allow rild at_distributor:file { read getattr open }; +allow rild gpsd:dir search; +allow rild gpsd:file { read getattr open }; +allow rild proc_net:file write; +allow rild sysfs:file write; +allow rild userdata_block_device:blk_file { read open }; +allow rild mediaserver:dir search; |