Stricted
9a2030010d
* taken from https://github.com/lineage-geminipda/android_device_planet_geminipda Change-Id: I80708a4650646ecd870b60217cafc0212aa2022e (cherry picked from commit ce9dd0181db0cdeabb9edaf3781d74fb6645bb98)
68 lines
2.4 KiB
Plaintext
68 lines
2.4 KiB
Plaintext
type factory_exec, exec_type, file_type;
|
|
type factory, domain, domain_deprecated;
|
|
|
|
init_daemon_domain(factory)
|
|
net_domain(factory)
|
|
|
|
allow factory serial_device:chr_file rw_file_perms;
|
|
|
|
# Hardware nodes
|
|
allow factory accdet_device:chr_file r_file_perms;
|
|
allow factory ashmem_device:chr_file execute;
|
|
allow factory audio_device:dir r_dir_perms;
|
|
allow factory audio_device:chr_file rw_file_perms;
|
|
allow factory camera_device:chr_file rw_file_perms;
|
|
allow factory ccci_device:chr_file rw_file_perms;
|
|
allow factory devmap_device:chr_file r_file_perms;
|
|
allow factory fm_device:chr_file rwx_file_perms;
|
|
allow factory gsm0710muxd_device:chr_file rw_file_perms;
|
|
allow factory graphics_device:dir search;
|
|
allow factory graphics_device:chr_file rw_file_perms;
|
|
allow factory input_device:dir r_dir_perms;
|
|
allow factory input_device:chr_file r_file_perms;
|
|
allow factory pmic_adc_device:chr_file rw_file_perms;
|
|
allow factory rtc_device:chr_file rw_file_perms;
|
|
allow factory stpbt_device:chr_file rw_file_perms;
|
|
allow factory wmtWifi_device:chr_file rw_file_perms;
|
|
|
|
# NVRAM
|
|
allow factory nvdata_file:dir create_dir_perms;
|
|
allow factory nvdata_file:file create_file_perms;
|
|
allow factory nvdata_device:blk_file rw_file_perms;
|
|
allow factory nvram_device:blk_file rw_file_perms;
|
|
allow factory proinfo_device:blk_file rw_file_perms;
|
|
|
|
# Storage
|
|
allow factory mnt_user_file:dir search;
|
|
allow factory mmc_device:blk_file rw_file_perms;
|
|
allow factory storage_file:dir r_dir_perms;
|
|
allow factory storage_file:lnk_file r_file_perms;
|
|
allow factory storage_file:file r_file_perms;
|
|
|
|
# Configuration
|
|
allow factory sysfs:file write;
|
|
allow factory sysfs_gps_file:dir r_dir_perms;
|
|
allow factory sysfs_gps_file:file rw_file_perms;
|
|
|
|
# Sensors
|
|
allow factory als_ps_device:chr_file r_file_perms;
|
|
allow factory gsensor_device:chr_file rw_file_perms;
|
|
allow factory msensor_device:chr_file rw_file_perms;
|
|
|
|
# GPS
|
|
allow factory agpsd_data_file:dir r_dir_perms;
|
|
allow factory agpsd_data_file:sock_file write;
|
|
allow factory stpgps_device:chr_file rw_file_perms;
|
|
allow factory gps_device:chr_file rw_file_perms;
|
|
allow factory mnld_data_file:dir rw_dir_perms;
|
|
allow factory mnld_data_file:file rw_file_perms;
|
|
allow factory mnld_exec:file rx_file_perms;
|
|
allow factory mnld_prop:property_service set;
|
|
|
|
# Other capabilities
|
|
allow factory self:capability { dac_override net_admin net_raw sys_nice sys_time };
|
|
allow factory self:process execmem;
|
|
allow factory audiohal_prop:property_service set;
|
|
|
|
unix_socket_connect(factory, property, init);
|