android_device_xiaomi_sm835.../sepolicy/vendor/battery.te
Volodymyr Zhdanov 41641edf48 sm6250-common: sepolicy: fix persist_file neverallow
* it's deprecated in R
2020-12-05 00:36:17 +02:00

41 lines
1.5 KiB
Plaintext

define(`battery_daemons', `{ batteryd batterysecret }')
type batteryd, domain;
type batteryd_exec, exec_type, vendor_file_type, file_type;
type batterysecret, domain;
type batterysecret_exec, exec_type, vendor_file_type, file_type;
type persist_subsys_file, vendor_persist_type, file_type;
init_daemon_domain(batteryd)
init_daemon_domain(batterysecret)
r_dir_file(battery_daemons, cgroup)
r_dir_file(battery_daemons, mnt_vendor_file)
r_dir_file(battery_daemons, persist_subsys_file)
r_dir_file(battery_daemons, rootfs)
r_dir_file(battery_daemons, sysfs_battery_supply)
r_dir_file(battery_daemons, sysfs_batteryinfo)
r_dir_file(battery_daemons, sysfs_type)
r_dir_file(battery_daemons, sysfs_usb_supply)
r_dir_file(battery_daemons, sysfs_usbpd_device)
allow battery_daemons persist_subsys_file:dir w_dir_perms;
allow battery_daemons rootfs:dir w_dir_perms;
allow battery_daemons kmsg_device:chr_file w_file_perms;
allow battery_daemons persist_subsys_file:file w_file_perms;
allow battery_daemons sysfs:file w_file_perms;
allow battery_daemons sysfs_battery_supply:file w_file_perms;
allow battery_daemons sysfs_usb:file w_file_perms;
allow battery_daemons sysfs_usb_supply:file w_file_perms;
allow battery_daemons sysfs_usbpd_device:file w_file_perms;
allow battery_daemons self:global_capability_class_set sys_tty_config;
allow battery_daemons self:global_capability_class_set sys_boot;
allow battery_daemons self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
allow battery_daemons self:capability { chown fsetid };
wakelock_use(battery_daemons)