diff options
Diffstat (limited to 'sepolicy/zygote.te')
| -rw-r--r-- | sepolicy/zygote.te | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/sepolicy/zygote.te b/sepolicy/zygote.te new file mode 100644 index 0000000..2d4a7ae --- /dev/null +++ b/sepolicy/zygote.te @@ -0,0 +1,72 @@ +# ============================================== +# MTK Policy Rule +# ============================================== + + +# Date : WK14.31 +# Operation : Migration +# Purpose : for MTK boot performance profiling, for access /proc/bootprof +allow zygote devmap_device:chr_file { read ioctl open }; +allow zygote proc:file write; + +# Date : WK14.34 +# Operation : Migration +# Purpose : 6571/6572 LCA external memory access(/dev/exm0) +allow zygote exm0_device:chr_file { read write ioctl open }; + +# Date : WK14.34 +# Operation : Migration +# Purpose : for CIP project (access /custom partition) +allow zygote custom_file:dir rw_dir_perms; +allow zygote custom_file:file create_file_perms; + +# Date : WK14.34 +# Operation : Migration +# Purpose : for untrusted app to use ptrace (e.g. 360Mobile, taobao) +dontaudit zygote untrusted_app:process ptrace; + +# Date : WK14.43 +# Operation : Migration +# Purpose : for dump hprof when OOME +allow zygote anr_data_file:dir *; + +# Date : WK14.43 +# Operation : SQC2 +# Purpose : found in FST Auto Test (ALPS01774709) +allow zygote platform_app:fd use; + +# Date : WK14.44 +# Operation : SQC +# Purpose : found in WLAN test (ALPS01784932) +allow zygote platform_app_tmpfs:file write; + +# Date : WK14.46 +# Operation : SQC +# Purpose : found in sanity test (ALPS01825280) +allow zygote servicemanager:binder call; + +# Date : WK14.49 +# Operation : SQC +# Purpose : for isolated_app to use fd (ex: share image by gmail) +allow zygote isolated_app:fd use; + +# Date : WK15.02 +# Operation : SQC +# Purpose : for Chrome search (ALPS01897864) +allow zygote isolated_app_tmpfs:file write; + +# Date : WK15.02 +# Operation : SQC +# Purpose : for "theScore Sports & Scores" app to play video(ALPS01897019) +allow zygote untrusted_app:fd use; + +# Date : WK15.03 +# Operation : SQC +# Purpose : for FB webpage loading +allow zygote untrusted_app_tmpfs:file write; + +# Date : WK15.08 +# Operation : SQC +# Purpose : for TTLIA +allow zygote radio:fd use; +allow zygote radio_tmpfs:file create_file_perms;
\ No newline at end of file |