diff options
| author | Mister Oyster <oysterized@gmail.com> | 2017-01-02 12:44:35 +0100 |
|---|---|---|
| committer | Mister Oyster <oysterized@gmail.com> | 2017-01-02 12:44:35 +0100 |
| commit | a184d985bf43d3fe6eeba971bc6b32f79ea38b37 (patch) | |
| tree | 6f6e56e090777cc149bc1ab39e5987cc2b03e867 /sepolicy/nfc.te | |
initial releasecm-13.0
Diffstat (limited to 'sepolicy/nfc.te')
| -rw-r--r-- | sepolicy/nfc.te | 104 |
1 files changed, 104 insertions, 0 deletions
diff --git a/sepolicy/nfc.te b/sepolicy/nfc.te new file mode 100644 index 0000000..00b09d3 --- /dev/null +++ b/sepolicy/nfc.te @@ -0,0 +1,104 @@ +# ============================================== +# MTK Policy Rule +# ============================================== + + +# ============================================== +# Date : 2014/10/15 +# Operation : Refine +# Purpose : Set NFC permission to access nfc_socket. + +allow nfc nfc_socket:dir { write remove_name add_name search }; +allow nfc nfc_socket:sock_file { write create setattr unlink }; + + +# ============================================== +# Date : 2014/10/15 +# Operation : Refine +# Purpose : Set NFC permission to access custom file. + +allow nfc custom_file:dir getattr; + + +# ============================================== +# Date : 2014/10/15 +# Operation : Refine +# Purpose : Set NFC permission to access mt6605_device ( nfc device node ) . + +allow nfc mt6605_device:chr_file { read write getattr open ioctl }; + + +# ============================================== +# Date : 2014/10/15 +# Operation : Refine +# Purpose : Set NFC permission to access nfc data file. + +allow nfc nfc_data_file:dir { write remove_name add_name search create setattr }; +allow nfc nfc_data_file:file { read getattr open rename write ioctl setattr create unlink }; + + +# ============================================== +# Date : 2014/10/15 +# Operation : Refine +# Purpose : Set NFC permission to access SD card for debug purpose. + +allow nfc sdcard_internal:dir { write remove_name search create add_name }; +allow nfc sdcard_internal:file { read write getattr open rename create }; +allow nfc sdcard_external:dir { write add_name search }; +allow nfc sdcard_external:file { read write getattr open create }; + + +# ============================================== +# Date : 2014/10/15 +# Operation : Refine +# Purpose : Set NFC permission for update screen (activity,dialog,animation, ex: Nfc Beam) + +allow nfc guiext-server:binder call; + + +# ============================================== +# Date : 2014/10/15 +# Operation : Refine +# Purpose : Set NFC permission for WFD + +allow nfc surfaceflinger:dir search; +allow nfc surfaceflinger:file { read getattr open }; + + +# ============================================== +# Date : 2014/10/15 +# Operation : Refine +# Purpose : For Mdlogger + +allow nfc node:tcp_socket node_bind; +allow nfc port:tcp_socket name_bind; +allow nfc self:tcp_socket { setopt read bind create accept write getattr connect getopt listen }; + + +# ============================================== +# Date : 2014/10/15 +# Operation : Refine +# Purpose : For NFC-JNI + +allow nfc zygote:unix_stream_socket { getopt getattr }; + + +# ============================================== +# Date : 2014/10/15 +# Operation : Refine +# Purpose : For VPN + +allow nfc init:unix_stream_socket { write read setopt }; + + +# ============================================== +# Date : 2015/03/11 +# Operation : SQC +# Purpose : For platform_app_tmpfs +allow nfc platform_app_tmpfs:file write; + + +# allow nfc init_tmpfs:file read; +# allow nfc adbd:unix_stream_socket setopt; +# allow nfc dumpstate:fd use; +# allow nfc dumpstate:unix_stream_socket { read write getopt getattr }; |