initial releasecm-13.0

author: Mister Oyster <oysterized@gmail.com> 2017-01-02 12:44:35 +0100
committer: Mister Oyster <oysterized@gmail.com> 2017-01-02 12:44:35 +0100
commit: a184d985bf43d3fe6eeba971bc6b32f79ea38b37 (patch)
tree: 6f6e56e090777cc149bc1ab39e5987cc2b03e867 /sepolicy/aal.te
1 files changed, 40 insertions, 0 deletions
diff --git a/sepolicy/aal.te b/sepolicy/aal.te
new file mode 100644
index 0000000..bbaa1bb
--- /dev/null
+++ b/sepolicy/aal.te
@@ -0,0 +1,40 @@
+# ==============================================
+# Policy File of /system/binaal Executable File 
+
+# ==============================================
+# Type Declaration
+# ==============================================
+
+type aal_exec , exec_type, file_type;
+type aal ,domain;
+
+# ==============================================
+# Android Policy Rule
+# ==============================================
+
+# ==============================================
+# NSA Policy Rule
+# ==============================================
+
+# ==============================================
+# MTK Policy Rule
+# ==============================================
+
+# permissive aal;
+init_daemon_domain(aal)
+# unconfined_domain(aal)
+
+# Date : 2014/09/09 (or WK14.37)
+# Operation : Migration
+# Purpose : allow Binder IPC
+binder_use(aal)
+binder_call(aal, binderservicedomain)
+binder_service(aal)
+
+# Date : WK14.41
+# Operation : Migration
+# Purpose : All enforing mode
+allow aal aal_als_device:chr_file { read open ioctl };
+allow aal graphics_device:chr_file { read open ioctl };
+allow aal graphics_device:dir search;
+allow aal aal_service:service_manager add;
author	Mister Oyster <oysterized@gmail.com>	2017-01-02 12:44:35 +0100
committer	Mister Oyster <oysterized@gmail.com>	2017-01-02 12:44:35 +0100
commit	a184d985bf43d3fe6eeba971bc6b32f79ea38b37 (patch)
tree	6f6e56e090777cc149bc1ab39e5987cc2b03e867 /sepolicy/aal.te