blob: 67bd14e3ecf8e7765ac4f3a037803a4d535c23bd (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
# ==============================================
# Policy File of /system/binmdlogger Executable File
# ==============================================
# Type Declaration
# ==============================================
type mdlogger_exec , exec_type, file_type;
type mdlogger ,domain;
# ==============================================
# Android Policy Rule
# ==============================================
# ==============================================
# NSA Policy Rule
# ==============================================
# ==============================================
# MTK Policy Rule
# ==============================================
#permissive mdlogger;
init_daemon_domain(mdlogger)
binder_use(mdlogger)
binder_service(mdlogger)
#=============allow mdlogger to set ==============
allow mdlogger debug_mdlogger_prop:property_service set;
allow mdlogger debug_prop:property_service set;
allow mdlogger ccci_device:chr_file { read write ioctl open };
allow mdlogger ttyGS_device:chr_file { read write open ioctl};
allow mdlogger fuse:dir { write search create rmdir add_name remove_name read open rename};
allow mdlogger fuse:file { write read create open rename unlink getattr setattr append};
allow mdlogger mdlog_data_file:dir { write search read create open rmdir remove_name add_name relabelto getattr};
allow mdlogger mdlog_data_file:fifo_file { read open create setattr};
allow mdlogger mdlog_data_file:file { write read create open rename unlink getattr setattr};
allow mdlogger mdlog_device:chr_file { read write open ioctl};
allow mdlogger system_data_file:dir { write create open add_name relabelfrom};
allow mdlogger init:unix_stream_socket connectto;
allow mdlogger property_socket:sock_file write;
allow mdlogger platform_app:unix_stream_socket connectto;
allow mdlogger shell_exec:file { read execute open execute_no_trans };
allow mdlogger system_file:file execute_no_trans;
allow mdlogger zygote_exec:file { read getattr open };
allow mdlogger tmpfs:lnk_file read;
#============= mdlogger usb logging ==============
# Date : 2014/09/26
# Operation : Migration
# Purpose : [MDLOGGER] [mdlogger usb logging tcp_socket]
# Package: system/bin/mdlogger
allow mdlogger fuse:dir search;
allow mdlogger node:tcp_socket node_bind;
allow mdlogger port:tcp_socket name_bind;
allow mdlogger self:tcp_socket { write read bind create setopt accept listen };
|
