sepolicy: use set_prop() now
This commit is contained in:
Mister Oyster
parent
79353cd74b
commit
a670fd1501
|
|
@ -16,13 +16,11 @@ allow ccci_mdinit sysfs_devinfo:file r_file_perms;
|
|||
allow ccci_mdinit nvram_device:blk_file rw_file_perms;
|
||||
allow ccci_mdinit mtk_md_prop:property_service set;
|
||||
|
||||
allow ccci_mdinit ctl_ccci_fsd_prop:property_service set;
|
||||
allow ccci_mdinit ctl_gsm0710muxd_prop:property_service set;
|
||||
allow ccci_mdinit ctl_rildaemon_prop:property_service set;
|
||||
allow ccci_mdinit radio_prop:property_service set;
|
||||
allow ccci_mdinit ril_mux_report_case_prop:property_service set;
|
||||
set_prop(ccci_mdinit, ctl_ccci_fsd_prop)
|
||||
set_prop(ccci_mdinit, ctl_gsm0710muxd_prop)
|
||||
set_prop(ccci_mdinit, ctl_rildaemon_prop)
|
||||
set_prop(ccci_mdinit, radio_prop)
|
||||
set_prop(ccci_mdinit, ril_mux_report_case_prop)
|
||||
|
||||
allow ccci_mdinit mdlog_data_file:file r_file_perms;
|
||||
allow ccci_mdinit mdlog_data_file:dir r_dir_perms;
|
||||
|
||||
unix_socket_connect(ccci_mdinit, property, init)
|
||||
|
|
@ -4,6 +4,5 @@ type conn_launcher, domain, domain_deprecated;
|
|||
init_daemon_domain(conn_launcher)
|
||||
|
||||
allow conn_launcher stpwmt_device:chr_file rw_file_perms;
|
||||
allow conn_launcher wmt_prop:property_service set;
|
||||
|
||||
unix_socket_connect(conn_launcher, property, init)
|
||||
set_prop(conn_launcher, wmt_prop)
|
||||
|
|
|
|||
|
|
@ -61,6 +61,5 @@ allow factory mnld_prop:property_service set;
|
|||
# Other capabilities
|
||||
allow factory self:capability { dac_override net_admin net_raw sys_nice sys_time };
|
||||
allow factory self:process execmem;
|
||||
allow factory audiohal_prop:property_service set;
|
||||
|
||||
unix_socket_connect(factory, property, init);
|
||||
set_prop(factory, audiohal_prop)
|
||||
|
|
|
|||
|
|
@ -11,8 +11,6 @@ allow gsm0710muxd self:capability { setuid fowner chown };
|
|||
allow gsm0710muxd sysfs_ccci:dir search;
|
||||
allow gsm0710muxd sysfs_ccci:file r_file_perms;
|
||||
|
||||
allow gsm0710muxd ctl_rildaemon_prop:property_service set;
|
||||
allow gsm0710muxd radio_prop:property_service set;
|
||||
allow gsm0710muxd ril_mux_report_case_prop:property_service set;
|
||||
|
||||
unix_socket_connect(gsm0710muxd, property, init)
|
||||
set_prop(gsm0710muxd, ctl_rildaemon_prop)
|
||||
set_prop(gsm0710muxd, radio_prop)
|
||||
set_prop(gsm0710muxd, ril_mux_report_case_prop)
|
||||
|
|
|
|||
|
|
@ -39,7 +39,6 @@ allow meta_tst node:tcp_socket node_bind;
|
|||
|
||||
allow meta_tst sysfs:file write;
|
||||
|
||||
allow meta_tst powerctl_prop:property_service set;
|
||||
unix_socket_connect(meta_tst, property, init)
|
||||
set_prop(meta_tst, powerctl_prop)
|
||||
|
||||
allow meta_tst self:capability { net_raw chown fsetid sys_nice net_admin fowner dac_override sys_admin };
|
||||
|
|
|
|||
|
|
@ -5,6 +5,4 @@ init_daemon_domain(msensord)
|
|||
|
||||
allow msensord msensord_daemon_sysfs:file r_file_perms;
|
||||
|
||||
allow msensord ctl_akmd09911_prop:property_service set;
|
||||
|
||||
unix_socket_connect(msensord, property, init)
|
||||
set_prop(msensord, ctl_akmd09911_prop)
|
||||
|
|
|
|||
|
|
@ -16,9 +16,8 @@ allow nvram_daemon msensor_device:chr_file r_file_perms;
|
|||
allow nvram_daemon gyroscope_device:chr_file r_file_perms;
|
||||
|
||||
allow nvram_daemon proinfo_device:blk_file rw_file_perms;
|
||||
allow nvram_daemon nvram_prop:property_service set;
|
||||
allow nvram_daemon wmt_prop:property_service set;
|
||||
|
||||
set_prop(nvram_daemon, nvram_prop)
|
||||
set_prop(nvram_daemon, wmt_prop)
|
||||
|
||||
allow nvram_daemon block_device:dir search;
|
||||
|
||||
unix_socket_connect(nvram_daemon, property, init)
|
||||
|
|
|
|||
|
|
@ -8,8 +8,6 @@ binder_call(pq, binderservicedomain)
|
|||
binder_service(pq)
|
||||
|
||||
allow pq pq_service:service_manager add;
|
||||
unix_socket_connect(pq, property, init)
|
||||
|
||||
allow pq pq_conf_prop:property_service set;
|
||||
set_prop(pq, pq_conf_prop)
|
||||
|
||||
allow pq graphics_device:chr_file r_file_perms;
|
||||
|
|
|
|||
|
|
@ -17,9 +17,7 @@ allow ril-daemon-mtk self:capability { setuid net_admin net_raw };
|
|||
allow ril-daemon-mtk radio_device:dir search;
|
||||
allow ril-daemon-mtk radio_prop:property_service set;
|
||||
|
||||
allow ril-daemon-mtk ctl_muxreport-daemon_prop:property_service set;
|
||||
allow ril-daemon-mtk ril_mux_report_case_prop:property_service set;
|
||||
allow ril-daemon-mtk ril_sim_inserted_status:property_service set;
|
||||
allow ril-daemon-mtk serial_number_prop:property_service set;
|
||||
|
||||
unix_socket_connect(ril-daemon-mtk, property, init)
|
||||
set_prop(ril-daemon-mtk, ctl_muxreport-daemon_prop)
|
||||
set_prop(ril-daemon-mtk, ril_mux_report_case_prop)
|
||||
set_prop(ril-daemon-mtk, ril_sim_inserted_status)
|
||||
set_prop(ril-daemon-mtk, serial_number_prop)
|
||||
|
|
|
|||
|
|
@ -6,6 +6,5 @@ init_daemon_domain(wmt_loader)
|
|||
allow wmt_loader wmtdetect_device:chr_file create_file_perms;
|
||||
allow wmt_loader self:capability { chown dac_override };
|
||||
allow wmt_loader proc_wmt:file setattr;
|
||||
allow wmt_loader wmt_prop:property_service set;
|
||||
|
||||
unix_socket_connect(wmt_loader, property, init)
|
||||
set_prop(wmt_loader, wmt_prop)
|
||||
|
|
|
|||
Loading…
Reference in New Issue