53 lines
2.3 KiB
Plaintext
53 lines
2.3 KiB
Plaintext
# ril-3gddaemon - radio interface layer daemon
|
|
type ril-3gddaemon, domain;
|
|
type ril-3gddaemon_exec, exec_type, file_type;
|
|
init_daemon_domain(ril-3gddaemon)
|
|
net_domain(ril-3gddaemon)
|
|
|
|
allow ril-3gddaemon self:netlink_route_socket nlmsg_write;
|
|
allow ril-3gddaemon kernel:system module_request;
|
|
unix_socket_connect(ril-3gddaemon, property, init)
|
|
allow ril-3gddaemon self:capability { setuid setgid net_admin net_raw dac_override sys_module };
|
|
allow ril-3gddaemon alarm_device:chr_file rw_file_perms;
|
|
allow ril-3gddaemon cgroup:dir create_dir_perms;
|
|
allow ril-3gddaemon radio_device:chr_file rw_file_perms;
|
|
allow ril-3gddaemon radio_device:blk_file r_file_perms;
|
|
allow ril-3gddaemon mtd_device:dir search;
|
|
allow ril-3gddaemon efs_file:dir create_dir_perms;
|
|
allow ril-3gddaemon efs_file:file create_file_perms;
|
|
allow ril-3gddaemon shell_exec:file rx_file_perms;
|
|
allow ril-3gddaemon radio_data_file:dir rw_dir_perms;
|
|
allow ril-3gddaemon radio_data_file:file create_file_perms;
|
|
allow ril-3gddaemon sdcard_type:dir r_dir_perms;
|
|
allow ril-3gddaemon system_data_file:dir r_dir_perms;
|
|
allow ril-3gddaemon system_data_file:file r_file_perms;
|
|
allow ril-3gddaemon system_file:file x_file_perms;
|
|
|
|
# property service
|
|
allow ril-3gddaemon radio_prop:property_service set;
|
|
allow ril-3gddaemon net_radio_prop:property_service set;
|
|
allow ril-3gddaemon system_radio_prop:property_service set;
|
|
allow ril-3gddaemon system_prop:property_service set;
|
|
auditallow ril-3gddaemon net_radio_prop:property_service set;
|
|
auditallow ril-3gddaemon system_radio_prop:property_service set;
|
|
allow ril-3gddaemon pppoe_ppp0_prop:property_service set;
|
|
allow ril-3gddaemon ctl_zpppdgprs_prop:property_service set;
|
|
|
|
|
|
# Read/Write to uart driver (for 3gdongle)
|
|
allow ril-3gddaemon tty_device:chr_file rw_file_perms;
|
|
|
|
# Allow ril-3gddaemon to create and use netlink sockets.
|
|
allow ril-3gddaemon self:netlink_socket create_socket_perms;
|
|
allow ril-3gddaemon self:netlink_kobject_uevent_socket create_socket_perms;
|
|
|
|
allow ril-3gddaemon init:dir { getattr open read search };
|
|
allow ril-3gddaemon ppp_exec:file { read open getattr execute execute_no_trans };
|
|
allow ril-3gddaemon ppp_device:chr_file { read write open ioctl };
|
|
allow ril-3gddaemon device:dir { read open write};
|
|
|
|
# Access to wake locks
|
|
wakelock_use(ril-3gddaemon)
|
|
|
|
allow ril-3gddaemon self:socket create_socket_perms;
|