xavi
/
mm_device_meizu_m2note
mirror of https://github.com/Moyster/mm_device_meizu_m2note
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
mm_device_meizu_m2note/sepolicy/recovery.te

98 lines
3.0 KiB
Plaintext
Raw Permalink Blame History

# ==============================================
# MTK Policy Rule
# ==============================================
# recovery console (used in recovery init.rc for /sbin/recovery)
# special factory reset & backup/restore needs permissive mode
# permissive recovery;
# Date : WK14.38
# Operation : Migration
# Purpose : for recovery operation
allow recovery misc_device:chr_file *;
allow recovery platformblk_device:dir *;
allow recovery platformblk_device:blk_file *;
allow recovery vfat:dir *;
allow recovery misc_sd_device:chr_file *;
# Date : WK14.39
# Operation : Migration
# Purpose : for CIP project access /custom partition
allow recovery custom_file:dir *;
allow recovery rootfs:dir *;
# Date : WK14.41
# Operation : Migration
# Purpose : Differential update
allow recovery bootimg_device:chr_file *;
allow recovery recovery_device:chr_file *;
allow recovery logo_device:chr_file *;
allow recovery preloader_device:chr_file *;
allow recovery uboot_device:chr_file *;
allow recovery init:dir *;
allow recovery init:file ~{ execute entrypoint };
allow recovery init:lnk_file *;
allow recovery kernel:dir *;
allow recovery kernel:file ~{ execute entrypoint };
allow recovery kernel:lnk_file *;
# Date : WK14.41
# Operation : Migration
# Purpose : Block full update
allow recovery healthd:dir *;
allow recovery healthd:file ~{ execute entrypoint };
allow recovery healthd:lnk_file *;
dontaudit recovery self:capability sys_ptrace;
allow recovery ueventd:dir *;
allow recovery ueventd:file ~{ execute entrypoint };
allow recovery ueventd:lnk_file *;
# Date : WK14.42
# Operation : Migration
# Purpose : for sepcial factory reset
allow recovery system_data_file:dir *;
allow recovery apk_data_file:dir *;
userdebug_or_eng(`
allow recovery su:dir *;
allow recovery su:file *;
allow recovery su:lnk_file *;
')
# Date : WK14.43
# Operation : Migration
# Purpose : JB to L differential OTA
#allow recovery unlabeled:lnk_file *;
# Date : WK14.45
# Operation : SQC
# Purpose : partition size changed
allow recovery pmt_device:chr_file *;
allow recovery tee_part_device:chr_file *;
# Date : WK14.45
# Operation : Migration
# Purpose : KK->L->L legacy secure OTA
allow recovery proc_sysrq:file { write open };
allow recovery sec_device:chr_file { read ioctl open };
allow recovery sec_ro_device:chr_file { read open };
allow recovery seccfg_device:chr_file { read open };
allow recovery self:capability sys_boot;
# Date : WK14.46
# Operation : Migration
# Purpose : FOTA upgrade
allow recovery app_data_file:dir { write create add_name };
allow recovery app_data_file:dir { read open };
allow recovery app_data_file:file { read write create open };
allow recovery mobicore_data_file:dir { write remove_name search add_name };
allow recovery mobicore_data_file:file { rename setattr read create write getattr unlink open };
allow recovery mobicore_data_file:file { relabelfrom relabelto };
# Date : WK14.47
# Operation : Migration
# Purpose : Root Integrity Check
allow recovery md_ctrl:file { read getattr open };
allow recovery mobicore_data_file:dir { read open };
Reference in New Issue View Git Blame Copy Permalink