aboutsummaryrefslogtreecommitdiff
path: root/sepolicy/shell.te
diff options
context:
space:
mode:
Diffstat (limited to 'sepolicy/shell.te')
-rw-r--r--sepolicy/shell.te110
1 files changed, 110 insertions, 0 deletions
diff --git a/sepolicy/shell.te b/sepolicy/shell.te
new file mode 100644
index 0000000..1aa1ed9
--- /dev/null
+++ b/sepolicy/shell.te
@@ -0,0 +1,110 @@
+# ==============================================
+# MTK Policy Rule
+# ============
+
+# Date : WK14.XX
+# Operation : Migration
+# Purpose : for exec labels defined by mtk
+allow shell mtk_6620_launcher_exec:file rx_file_perms;
+allow shell GoogleOtaBinder_exec:file rx_file_perms;
+allow shell MtkCodecService_exec:file rx_file_perms;
+allow shell aee_core_forwarder_exec:file rx_file_perms;
+allow shell akmd8963_exec:file rx_file_perms;
+allow shell akmd8975_exec:file rx_file_perms;
+allow shell ami304d_exec:file rx_file_perms;
+allow shell zygote_exec:file rx_file_perms;
+allow shell atci_service_exec:file rx_file_perms;
+allow shell atcid_exec:file rx_file_perms;
+allow shell audiocmdservice_atci_exec:file rx_file_perms;
+allow shell autokd_exec:file rx_file_perms;
+allow shell batterywarning_exec:file rx_file_perms;
+allow shell bmm050d_exec:file rx_file_perms;
+allow shell boot_logo_updater_exec:file rx_file_perms;
+allow shell bootanim_exec:file rx_file_perms;
+allow shell ccci_fsd_exec:file rx_file_perms;
+allow shell ccci_mdinit_exec:file rx_file_perms;
+allow shell clatd_exec:file rx_file_perms;
+allow shell debuggerd_exec:file rx_file_perms;
+allow shell dex2oat_exec:file rx_file_perms;
+allow shell dhcp6c_exec:file rx_file_perms;
+allow shell dhcp_exec:file rx_file_perms;
+allow shell dmlog_exec:file rx_file_perms;
+allow shell dnsmasq_exec:file rx_file_perms;
+allow shell drmserver_exec:file rx_file_perms;
+allow shell dualmdlogger_exec:file rx_file_perms;
+allow shell dumpstate_exec:file rx_file_perms;
+allow shell em_svr_exec:file rx_file_perms;
+allow shell emdlogger_exec:file rx_file_perms;
+allow shell factory_exec:file rx_file_perms;
+allow shell geomagneticd_exec:file rx_file_perms;
+allow shell gsm0710muxd_exec:file rx_file_perms;
+allow shell gsm0710muxdmd2_exec:file rx_file_perms;
+allow shell hostapd_exec:file rx_file_perms;
+allow shell installd_exec:file rx_file_perms;
+allow shell keystore_exec:file rx_file_perms;
+allow shell lmkd_exec:file rx_file_perms;
+allow shell logd_exec:file rx_file_perms;
+allow shell matv_exec:file rx_file_perms;
+allow shell mc6420d_exec:file rx_file_perms;
+allow shell mdlogger_exec:file rx_file_perms;
+allow shell mdnsd_exec:file rx_file_perms;
+allow shell mediaserver_exec:file rx_file_perms;
+allow shell memsicd_exec:file rx_file_perms;
+allow shell memsicd3416x_exec:file rx_file_perms;
+allow shell mobile_log_d_exec:file rx_file_perms;
+allow shell msensord_exec:file rx_file_perms;
+allow shell mtk_agpsd_exec:file rx_file_perms;
+allow shell mtkbt_exec:file rx_file_perms;
+allow shell mtkrild_exec:file rx_file_perms;
+allow shell mtkrildmd2_exec:file rx_file_perms;
+allow shell mtp_exec:file rx_file_perms;
+allow shell muxreport_exec:file rx_file_perms;
+allow shell netdiag_exec:file rx_file_perms;
+allow shell nvram_agent_binder_exec:file rx_file_perms;
+allow shell nvram_daemon_exec:file rx_file_perms;
+allow shell orientationd_exec:file rx_file_perms;
+allow shell dex2oat_exec:file rx_file_perms;
+allow shell ppl_agent_exec:file rx_file_perms;
+allow shell ppp_exec:file rx_file_perms;
+allow shell pq_exec:file rx_file_perms;
+allow shell racoon_exec:file rx_file_perms;
+allow shell runas_exec:file rx_file_perms;
+allow shell s62xd_exec:file rx_file_perms;
+allow shell sdcardd_exec:file rx_file_perms;
+allow shell shell_exec:file rx_file_perms;
+allow shell sn_exec:file rx_file_perms;
+allow shell thermal_exec:file rx_file_perms;
+allow shell thermal_manager_exec:file rx_file_perms;
+allow shell thermald_exec:file rx_file_perms;
+allow shell tiny_mkswap_exec:file rx_file_perms;
+allow shell tiny_swapon_exec:file rx_file_perms;
+allow shell wifi2agps_exec:file rx_file_perms;
+allow shell wmt_loader_exec:file rx_file_perms;
+allow shell wpa_exec:file rx_file_perms;
+allow shell xlog_exec:file rx_file_perms;
+
+# Date : WK14.47
+# Operation : Migration
+# Purpose : for accessing /storage/emulated/legacy
+# It's mounted as tmpfs file.
+# CTS: testSyncFiles_extStorageVariable & testSyncFiles_normal
+allow shell tmpfs:lnk_file read;
+allow shell tmpfs:lnk_file getattr;
+allow shell block_device:dir search;
+
+# Date : WK14.47
+# Operation : Migration
+# Purpose : for debugging in user debug load.
+# su does't exist on user load.
+userdebug_or_eng(`
+allow shell su_exec:file rx_file_perms;
+')
+
+# Date : WK14.46
+# Operation : Migration
+# Purpose : for MTK Emulator HW GPU
+allow shell qemu_pipe_device:chr_file rw_file_perms;
+
+# GAT ls /data/aee_exp/db.xxxx
+allow shell aee_exp_data_file:dir r_dir_perms;
+allow shell aee_exp_data_file:file r_file_perms;
generated by cgit v1.2.3 (git 2.39.1) at 2026-03-14 00:42:22 +0000