set necessary domains to permissive
Bug: 254378739 Test: enforce and boot to home Change-Id: I1dc8f400971e0926dbb2c5c0ac6f0ef99250e067
This commit is contained in:
Adam Shih
parent
bd992ad2b4
commit
97748d82a9
7 changed files with 94 additions and 51 deletions
|
|
@ -3,3 +3,4 @@ dontaudit mediaprovider_app vendor_file:file { getattr };
|
|||
dontaudit mediaprovider_app vendor_file:file { map };
|
||||
dontaudit mediaprovider_app vendor_file:file { open };
|
||||
dontaudit mediaprovider_app vendor_file:file { read };
|
||||
permissive mediaprovider_app;
|
||||
|
|
|
|||
|
|
@ -1 +1,4 @@
|
|||
dontaudit odrefresh property_type:file *;
|
||||
userdebug_or_eng(`
|
||||
permissive odrefresh;
|
||||
dontaudit odrefresh property_type:file *;
|
||||
')
|
||||
|
|
|
|||
3
private/system_suspend.te
Normal file
3
private/system_suspend.te
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
userdebug_or_eng(`
|
||||
permissive system_suspend;
|
||||
')
|
||||
|
|
@ -1,2 +0,0 @@
|
|||
# b/261105238
|
||||
dontaudit bootdevice_sysdev sysfs:filesystem { associate };
|
||||
|
|
@ -1,48 +1,84 @@
|
|||
userdebug_or_eng(`
|
||||
permissive pixelstats_vendor;
|
||||
permissive logger_app;
|
||||
permissive fastbootd;
|
||||
permissive audioserver;
|
||||
permissive hal_bluetooth_btlinux;
|
||||
permissive bootdevice_sysdev;
|
||||
permissive charger_vendor;
|
||||
permissive chre;
|
||||
permissive kernel;
|
||||
permissive bootanim;
|
||||
permissive hal_graphics_allocator_default;
|
||||
permissive hal_graphics_composer_default;
|
||||
permissive hal_health_storage_default;
|
||||
permissive hal_power_stats_default;
|
||||
permissive hal_fingerprint_default;
|
||||
permissive gxp_logging;
|
||||
permissive hal_contexthub_default;
|
||||
permissive hal_sensors_default;
|
||||
permissive recovery;
|
||||
permissive con_monitor_app;
|
||||
permissive hal_secure_element_st54spi;
|
||||
permissive ofl_app;
|
||||
permissive hal_thermal_default;
|
||||
permissive hal_secure_element_uicc;
|
||||
permissive hal_usb_gadget_impl;
|
||||
permissive hal_usb_impl;
|
||||
permissive hal_camera_default;
|
||||
permissive hal_uwb_vendor_default;
|
||||
permissive google_camera_app;
|
||||
permissive uwb_vendor_app;
|
||||
permissive hal_wifi_ext;
|
||||
permissive hal_wlc;
|
||||
permissive init;
|
||||
permissive logd;
|
||||
permissive mediacodec_google;
|
||||
permissive mediacodec_samsung;
|
||||
permissive platform_app;
|
||||
permissive hbmsvmanager_app;
|
||||
permissive rlsservice;
|
||||
permissive system_server;
|
||||
permissive tcpdump_logger;
|
||||
permissive vendor_init;
|
||||
permissive tee;
|
||||
permissive trusty_apploader;
|
||||
permissive trusty_metricsd;
|
||||
permissive vold;
|
||||
permissive audioserver;
|
||||
permissive bootanim;
|
||||
permissive bootdevice_sysdev;
|
||||
permissive charger_vendor;
|
||||
permissive chre;
|
||||
permissive citadeld;
|
||||
permissive con_monitor_app;
|
||||
permissive dumpstate;
|
||||
permissive edgetpu_logging;
|
||||
permissive euiccpixel_app;
|
||||
permissive fastbootd;
|
||||
permissive gmscore_app;
|
||||
permissive google_camera_app;
|
||||
permissive gxp_logging;
|
||||
permissive hal_bluetooth_btlinux;
|
||||
permissive hal_bootctl_default;
|
||||
permissive hal_camera_default;
|
||||
permissive hal_confirmationui_default;
|
||||
permissive hal_contexthub_default;
|
||||
permissive hal_dumpstate_default;
|
||||
permissive hal_fingerprint_default;
|
||||
permissive hal_graphics_allocator_default;
|
||||
permissive hal_graphics_composer_default;
|
||||
permissive hal_health_storage_default;
|
||||
permissive hal_neuralnetworks_armnn;
|
||||
permissive hal_neuralnetworks_darwinn;
|
||||
permissive hal_power_default;
|
||||
permissive hal_power_stats_default;
|
||||
permissive hal_secure_element_st54spi;
|
||||
permissive hal_secure_element_uicc;
|
||||
permissive hal_sensors_default;
|
||||
permissive hal_thermal_default;
|
||||
permissive hal_usb_gadget_impl;
|
||||
permissive hal_usb_impl;
|
||||
permissive hal_uwb_default;
|
||||
permissive hal_uwb_vendor_default;
|
||||
permissive hal_vibrator_default;
|
||||
permissive hal_wifi_ext;
|
||||
permissive hal_wireless_charger;
|
||||
permissive hal_wlc;
|
||||
permissive hbmsvmanager_app;
|
||||
permissive hwservicemanager;
|
||||
permissive incidentd;
|
||||
permissive init;
|
||||
permissive insmod-sh;
|
||||
permissive installd;
|
||||
permissive isolated_app;
|
||||
permissive kernel;
|
||||
permissive logd;
|
||||
permissive logger_app;
|
||||
permissive mediacodec_google;
|
||||
permissive mediacodec_samsung;
|
||||
permissive mediaserver;
|
||||
permissive mediaswcodec;
|
||||
permissive nfc;
|
||||
permissive ofl_app;
|
||||
permissive pixelstats_vendor;
|
||||
permissive platform_app;
|
||||
permissive priv_app;
|
||||
permissive proc_vendor_sched;
|
||||
permissive rebalance_interrupts_vendor;
|
||||
permissive recovery;
|
||||
permissive rild;
|
||||
permissive rlsservice;
|
||||
permissive secure_element;
|
||||
permissive servicemanager;
|
||||
permissive shell;
|
||||
permissive ssr_detector_app;
|
||||
permissive system_app;
|
||||
permissive system_server;
|
||||
permissive tcpdump_logger;
|
||||
permissive tee;
|
||||
permissive toolbox;
|
||||
permissive trusty_apploader;
|
||||
permissive trusty_metricsd;
|
||||
permissive untrusted_app;
|
||||
permissive untrusted_app_30;
|
||||
permissive usbd;
|
||||
permissive uwb_vendor_app;
|
||||
permissive vendor_init;
|
||||
permissive vold;
|
||||
permissive zygote;
|
||||
')
|
||||
|
|
|
|||
|
|
@ -1,2 +0,0 @@
|
|||
# b/260366398
|
||||
dontaudit proc_vendor_sched proc:filesystem { associate };
|
||||
4
vendor/file.te
vendored
4
vendor/file.te
vendored
|
|
@ -8,3 +8,7 @@ type sysfs_mfc, sysfs_type, fs_type;
|
|||
|
||||
# Trusty
|
||||
type sysfs_trusty, sysfs_type, fs_type;
|
||||
|
||||
# mount FS
|
||||
allow proc_vendor_sched proc:filesystem associate;
|
||||
allow bootdevice_sysdev sysfs:filesystem associate;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue