summaryrefslogtreecommitdiffstats
path: root/sepolicy
diff options
context:
space:
mode:
Diffstat (limited to 'sepolicy')
-rw-r--r--sepolicy/fRom.te5
-rw-r--r--sepolicy/file_contexts5
-rw-r--r--sepolicy/init.te2
-rw-r--r--sepolicy/mediaserver.te1
-rw-r--r--sepolicy/pvrsrvinit.te8
-rw-r--r--sepolicy/rild.te2
6 files changed, 23 insertions, 0 deletions
diff --git a/sepolicy/fRom.te b/sepolicy/fRom.te
new file mode 100644
index 0000000..c5adba0
--- /dev/null
+++ b/sepolicy/fRom.te
@@ -0,0 +1,5 @@
+# fRom
+type fRom, domain;
+type fRom_exec, exec_type, file_type;
+
+init_daemon_domain(fRom)
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index e92704e..99b4a16 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -3,6 +3,7 @@
/dev/block/mmcblk0p4 u:object_r:radio_device:s0
/dev/block/mmcblk0p9 u:object_r:radio_device:s0
/dev/block/platform/omap/omap_hsmmc.0/by-name/radio u:object_r:radio_device:s0
+/dev/an30259a_leds u:object_r:video_device:s0
/dev/cdma_.* u:object_r:radio_device:s0
/dev/lte_.* u:object_r:radio_device:s0
/dev/tiler u:object_r:video_device:s0
@@ -33,3 +34,7 @@
# Accelerometer
/dev/accelirq u:object_r:sensors_device:s0
+
+# System binaries
+/system/bin/pvrsrvinit u:object_r:pvrsrvinit_exec:s0
+/system/vendor/bin/fRom u:object_r:fRom_exec:s0
diff --git a/sepolicy/init.te b/sepolicy/init.te
new file mode 100644
index 0000000..c18764f
--- /dev/null
+++ b/sepolicy/init.te
@@ -0,0 +1,2 @@
+allow init radio_device:lnk_file relabelto;
+allow init self:capability sys_module;
diff --git a/sepolicy/mediaserver.te b/sepolicy/mediaserver.te
new file mode 100644
index 0000000..dab508b
--- /dev/null
+++ b/sepolicy/mediaserver.te
@@ -0,0 +1 @@
+allow mediaserver system_server:unix_stream_socket { read write };
diff --git a/sepolicy/pvrsrvinit.te b/sepolicy/pvrsrvinit.te
new file mode 100644
index 0000000..8b388a0
--- /dev/null
+++ b/sepolicy/pvrsrvinit.te
@@ -0,0 +1,8 @@
+# pvrsrvinit
+type pvrsrvinit, domain;
+type pvrsrvinit_exec, exec_type, file_type;
+
+init_daemon_domain(pvrsrvinit)
+
+allow pvrsrvinit gpu_device:chr_file { read write ioctl open };
+allow pvrsrvinit self:capability sys_module;
diff --git a/sepolicy/rild.te b/sepolicy/rild.te
new file mode 100644
index 0000000..25381a0
--- /dev/null
+++ b/sepolicy/rild.te
@@ -0,0 +1,2 @@
+allow rild radio_data_file:dir setattr;
+allow rild self:process execmem;
generated by cgit v1.1 at 2024-05-02 10:18:28 +0000