diff options
| author | Andrew Chant <achant@google.com> | 2018-08-21 15:08:48 -0700 |
|---|---|---|
| committer | Andrew Chant <achant@google.com> | 2018-08-27 12:44:15 -0700 |
| commit | 496d4a5ad3445c6276300641033c122ba9196c68 (patch) | |
| tree | 1ce4ead74f2937210704a287e5d7f3d98e9c6782 | |
| parent | 27c7475fd1ba67a6633f852ab8857a8650702e56 (diff) | |
| download | coral-sepolicy-496d4a5ad3445c6276300641033c122ba9196c68.tar.gz | |
Initial coral sepolicy
This has types and init domains only.
Bug: 111935745
Test: lunch coral-userdebug && make
Change-Id: Ic6c3a3bb8229a4a5bfcf13fd9a266a333084ea5a
152 files changed, 1966 insertions, 0 deletions
diff --git a/coral-sepolicy.mk b/coral-sepolicy.mk new file mode 100644 index 0000000..52f7310 --- /dev/null +++ b/coral-sepolicy.mk @@ -0,0 +1,6 @@ +BOARD_PLAT_PUBLIC_SEPOLICY_DIR := device/google/coral-sepolicy/public +BOARD_PLAT_PRIVATE_SEPOLICY_DIR := device/google/coral-sepolicy/private + +# vendors +BOARD_SEPOLICY_DIRS += device/google/coral-sepolicy/vendor/qcom/common +BOARD_SEPOLICY_DIRS += device/google/coral-sepolicy/vendor/qcom/sm8150 diff --git a/private/bt_logger.te b/private/bt_logger.te new file mode 100644 index 0000000..7dfd617 --- /dev/null +++ b/private/bt_logger.te @@ -0,0 +1,6 @@ +type bt_logger, domain; +type bt_logger_exec, exec_type, file_type; +typeattribute bt_logger coredomain; + +init_daemon_domain(bt_logger) + diff --git a/private/device.te b/private/device.te new file mode 100644 index 0000000..332bcd7 --- /dev/null +++ b/private/device.te @@ -0,0 +1,5 @@ +#Define seemplog device +type seemplog_device, dev_type; + +#Define smd7 device +type smd7_device, dev_type; diff --git a/private/dpmd.te b/private/dpmd.te new file mode 100644 index 0000000..8f71b5c --- /dev/null +++ b/private/dpmd.te @@ -0,0 +1,4 @@ +typeattribute dpmd coredomain; +type dpmd_exec, exec_type, file_type; + +init_daemon_domain(dpmd) diff --git a/private/dun-server.te b/private/dun-server.te new file mode 100644 index 0000000..d02821d --- /dev/null +++ b/private/dun-server.te @@ -0,0 +1,5 @@ +type dun-server_exec, exec_type, file_type; +typeattribute dun-server coredomain; + +init_daemon_domain(dun-server) + diff --git a/private/file.te b/private/file.te new file mode 100644 index 0000000..6e48674 --- /dev/null +++ b/private/file.te @@ -0,0 +1,9 @@ +type seemp_data_file, core_data_file_type, data_file_type, file_type; +type seempdw_socket, file_type, mlstrustedobject, coredomain_socket; + +type dpmd_socket, file_type, coredomain_socket; +type dpmd_data_file, file_type, data_file_type, core_data_file_type; +type dpmwrapper_socket, file_type, coredomain_socket, mlstrustedobject; +type qvrd_data_file, file_type, data_file_type, core_data_file_type; +type qvrd_socket, file_type, mlstrustedobject, coredomain_socket; +type qvrd_hvx_socket, file_type, coredomain_socket; diff --git a/private/file_contexts b/private/file_contexts new file mode 100755 index 0000000..6de52a5 --- /dev/null +++ b/private/file_contexts @@ -0,0 +1,11 @@ +####### system file ############### +/system/bin/seempd u:object_r:seempd_exec:s0 +/system/bin/dpmd u:object_r:dpmd_exec:s0 +/system/bin/dun-server u:object_r:dun-server_exec:s0 +/system/bin/bt_logger u:object_r:bt_logger_exec:s0 +/system/etc/init\.qcom\.testscripts\.sh u:object_r:qti-testscripts_exec:s0 +/system/bin/smcinvoked u:object_r:smcinvoke_daemon_exec:s0 +/system/bin/qvrservice u:object_r:qvrd_exec:s0 +/system/bin/wfdservice u:object_r:wfdservice_exec:s0 +/system/bin/mmi u:object_r:vendor_mmi_sys_exec:s0 +/system/bin/mmi_diag u:object_r:vendor_mmi_sys_exec:s0 diff --git a/private/ioctl_defines b/private/ioctl_defines new file mode 100644 index 0000000..93a833d --- /dev/null +++ b/private/ioctl_defines @@ -0,0 +1,7 @@ +# socket ioctls defined in the kernel in include/uapi/linux/msm_ipc.h +define(`IPC_ROUTER_IOCTL_GET_VERSION', `0x0000c300') +define(`IPC_ROUTER_IOCTL_GET_MTU', `0x0000c301') +define(`IPC_ROUTER_IOCTL_LOOKUP_SERVER', `0x0000c302') +define(`IPC_ROUTER_IOCTL_GET_CURR_PKT_SIZE', `0x0000c303') +define(`IPC_ROUTER_IOCTL_BIND_CONTROL_PORT', `0x0000c304') +define(`IPC_ROUTER_IOCTL_CONFIG_SEC_RULES', `0x0000c305') diff --git a/private/ioctl_macros b/private/ioctl_macros new file mode 100644 index 0000000..e641c00 --- /dev/null +++ b/private/ioctl_macros @@ -0,0 +1,8 @@ +define(`msm_sock_ipc_ioctls_system', `{ +IPC_ROUTER_IOCTL_GET_VERSION +IPC_ROUTER_IOCTL_GET_MTU +IPC_ROUTER_IOCTL_LOOKUP_SERVER +IPC_ROUTER_IOCTL_GET_CURR_PKT_SIZE +IPC_ROUTER_IOCTL_BIND_CONTROL_PORT +IPC_ROUTER_IOCTL_CONFIG_SEC_RULES +}') diff --git a/private/mmi_sys.te b/private/mmi_sys.te new file mode 100755 index 0000000..acd619e --- /dev/null +++ b/private/mmi_sys.te @@ -0,0 +1,7 @@ +typeattribute vendor_mmi_sys coredomain; +type vendor_mmi_sys_exec, exec_type, file_type; + +#init +init_daemon_domain(vendor_mmi_sys) + + diff --git a/private/qti-testscripts.te b/private/qti-testscripts.te new file mode 100644 index 0000000..a7912b3 --- /dev/null +++ b/private/qti-testscripts.te @@ -0,0 +1,9 @@ +#as the exec is defined in file_context it is hitting build +# error in user build so moving out of the macro +type qti-testscripts_exec, exec_type, file_type; + +userdebug_or_eng(` + typeattribute qti-testscripts coredomain; + init_daemon_domain(qti-testscripts) + +') diff --git a/private/qvrd.te b/private/qvrd.te new file mode 100644 index 0000000..4353a9f --- /dev/null +++ b/private/qvrd.te @@ -0,0 +1,6 @@ +typeattribute qvrd coredomain; +type qvrd_exec, exec_type, file_type; + +init_daemon_domain(qvrd) + + diff --git a/private/seempd.te b/private/seempd.te new file mode 100644 index 0000000..2ed5742 --- /dev/null +++ b/private/seempd.te @@ -0,0 +1,5 @@ +type seempd, domain, mlstrustedsubject, coredomain; +type seempd_exec, exec_type, file_type; + +init_daemon_domain(seempd) + diff --git a/private/service.te b/private/service.te new file mode 100644 index 0000000..a02db5a --- /dev/null +++ b/private/service.te @@ -0,0 +1,12 @@ +type seemp_service, service_manager_type; +type cne_service, service_manager_type; +type dpmservice, service_manager_type; +type uce_service, service_manager_type; +type color_service, service_manager_type; +type MinkBinderSvc, app_api_service, service_manager_type; +type izat_service, app_api_service, system_api_service, service_manager_type; +type regionalization_service, system_api_service, service_manager_type; +type wigigp2p_service, app_api_service, system_server_service, service_manager_type; +type wigig_service, app_api_service, system_server_service, service_manager_type; +type vendor_perf_service, app_api_service, system_server_service, service_manager_type; +type wfdservice_service, service_manager_type; diff --git a/private/smcinvoked.te b/private/smcinvoked.te new file mode 100644 index 0000000..9140877 --- /dev/null +++ b/private/smcinvoked.te @@ -0,0 +1,6 @@ +type smcinvoke_daemon, domain, coredomain; +type smcinvoke_daemon_exec, exec_type, file_type; + +init_daemon_domain(smcinvoke_daemon) + + diff --git a/private/wfdservice.te b/private/wfdservice.te new file mode 100644 index 0000000..9d32684 --- /dev/null +++ b/private/wfdservice.te @@ -0,0 +1,6 @@ +typeattribute wfdservice coredomain; + +#Allow for transition from init domain to wfdservice +init_daemon_domain(wfdservice) + + diff --git a/public/dataservice_app.te b/public/dataservice_app.te new file mode 100644 index 0000000..426416c --- /dev/null +++ b/public/dataservice_app.te @@ -0,0 +1 @@ +type dataservice_app, domain; diff --git a/public/device.te b/public/device.te new file mode 100644 index 0000000..7639691 --- /dev/null +++ b/public/device.te @@ -0,0 +1,2 @@ +#define smcinvoke device +type smcinvoke_device, dev_type; diff --git a/public/dpmd.te b/public/dpmd.te new file mode 100644 index 0000000..8ae0503 --- /dev/null +++ b/public/dpmd.te @@ -0,0 +1 @@ +type dpmd,domain; diff --git a/public/dun-server.te b/public/dun-server.te new file mode 100644 index 0000000..889504e --- /dev/null +++ b/public/dun-server.te @@ -0,0 +1 @@ +type dun-server, domain; diff --git a/public/file.te b/public/file.te new file mode 100644 index 0000000..ddf72a6 --- /dev/null +++ b/public/file.te @@ -0,0 +1 @@ +type dpmtcm_socket, file_type, coredomain_socket, mlstrustedobject; diff --git a/public/hwservice.te b/public/hwservice.te new file mode 100644 index 0000000..0751bc4 --- /dev/null +++ b/public/hwservice.te @@ -0,0 +1 @@ +type hal_atfwd_hwservice, coredomain_hwservice, hwservice_manager_type; diff --git a/public/mmi_sys.te b/public/mmi_sys.te new file mode 100755 index 0000000..c14aa19 --- /dev/null +++ b/public/mmi_sys.te @@ -0,0 +1 @@ +type vendor_mmi_sys, domain; diff --git a/public/property.te b/public/property.te new file mode 100644 index 0000000..76a3ad6 --- /dev/null +++ b/public/property.te @@ -0,0 +1,4 @@ +type persist_dpm_prop, property_type; +# this is vendor defined property and added with prefix vendor +# which is going to be working from system +type vendor_bt_prop, property_type; diff --git a/public/qtelephony.te b/public/qtelephony.te new file mode 100644 index 0000000..99191bc --- /dev/null +++ b/public/qtelephony.te @@ -0,0 +1 @@ +type qtelephony, domain; diff --git a/public/qti-testscripts.te b/public/qti-testscripts.te new file mode 100644 index 0000000..cff8a7d --- /dev/null +++ b/public/qti-testscripts.te @@ -0,0 +1,3 @@ +userdebug_or_eng(` + type qti-testscripts, domain, mlstrustedsubject; +') diff --git a/public/qvrd.te b/public/qvrd.te new file mode 100644 index 0000000..f7fa26a --- /dev/null +++ b/public/qvrd.te @@ -0,0 +1 @@ +type qvrd, domain; diff --git a/public/wfdservice.te b/public/wfdservice.te new file mode 100644 index 0000000..d6bee91 --- /dev/null +++ b/public/wfdservice.te @@ -0,0 +1,2 @@ +type wfdservice, domain; +type wfdservice_exec, exec_type, file_type; diff --git a/vendor/qcom/common/adpl.te b/vendor/qcom/common/adpl.te new file mode 100644 index 0000000..ad80aec --- /dev/null +++ b/vendor/qcom/common/adpl.te @@ -0,0 +1,4 @@ +type adpl, domain; +type adpl_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(adpl) + diff --git a/vendor/qcom/common/adsprpcd.te b/vendor/qcom/common/adsprpcd.te new file mode 100644 index 0000000..5a9a251 --- /dev/null +++ b/vendor/qcom/common/adsprpcd.te @@ -0,0 +1,7 @@ +# adsprpcd daemon +type adsprpcd, domain; +type adsprpcd_exec, exec_type, vendor_file_type, file_type; + +# Started by init +init_daemon_domain(adsprpcd) + diff --git a/vendor/qcom/common/atfwd.te b/vendor/qcom/common/atfwd.te new file mode 100644 index 0000000..f764b90 --- /dev/null +++ b/vendor/qcom/common/atfwd.te @@ -0,0 +1,5 @@ +type atfwd, domain; +type atfwd_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(atfwd) + diff --git a/vendor/qcom/common/attributes b/vendor/qcom/common/attributes new file mode 100644 index 0000000..7e6def7 --- /dev/null +++ b/vendor/qcom/common/attributes @@ -0,0 +1 @@ +attribute vendor_persist_type; diff --git a/vendor/qcom/common/audiod.te b/vendor/qcom/common/audiod.te new file mode 100644 index 0000000..182c91d --- /dev/null +++ b/vendor/qcom/common/audiod.te @@ -0,0 +1,5 @@ +# audio daemon +type audiod, domain; +type audiod_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(audiod) + diff --git a/vendor/qcom/common/bg_daemon.te b/vendor/qcom/common/bg_daemon.te new file mode 100644 index 0000000..01723ea --- /dev/null +++ b/vendor/qcom/common/bg_daemon.te @@ -0,0 +1,7 @@ +#policy for bg daemon +type bg_daemon, domain; +type bg_daemon_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(bg_daemon) + + diff --git a/vendor/qcom/common/bluetooth.te b/vendor/qcom/common/bluetooth.te new file mode 100644 index 0000000..74fab17 --- /dev/null +++ b/vendor/qcom/common/bluetooth.te @@ -0,0 +1,14 @@ +#Adding all bt related service to bt domains +type sapd, bluetoothdomain; +type sapd_exec, exec_type, vendor_file_type, file_type; + +type btsnoop, bluetoothdomain; +type btsnoop_exec, exec_type, vendor_file_type, file_type; + +type btnvtool, bluetoothdomain; +type btnvtool_exec, exec_type, vendor_file_type, file_type; + +type fmhal_service, bluetoothdomain; +type fmhal_service_exec, exec_type, vendor_file_type, file_type; + + diff --git a/vendor/qcom/common/cdsprpcd.te b/vendor/qcom/common/cdsprpcd.te new file mode 100644 index 0000000..140ed47 --- /dev/null +++ b/vendor/qcom/common/cdsprpcd.te @@ -0,0 +1,8 @@ +# cdsprpcd daemon +type cdsprpcd, domain; +type cdsprpcd_exec, exec_type, vendor_file_type, file_type; + +# Started by init +init_daemon_domain(cdsprpcd) + + diff --git a/vendor/qcom/common/charger_monitor.te b/vendor/qcom/common/charger_monitor.te new file mode 100644 index 0000000..75a5785 --- /dev/null +++ b/vendor/qcom/common/charger_monitor.te @@ -0,0 +1,7 @@ +#integrated process +type charger_monitor, domain; +type charger_monitor_exec, exec_type, vendor_file_type, file_type; + +#started by init +init_daemon_domain(charger_monitor) + diff --git a/vendor/qcom/common/chre.te b/vendor/qcom/common/chre.te new file mode 100644 index 0000000..d6ea8d3 --- /dev/null +++ b/vendor/qcom/common/chre.te @@ -0,0 +1,8 @@ +# This daemon loads the Context Hub Runtime Environment (CHRE) dynamic modules +# onto the SLPI using FastRPC, and exposes a sockets interface for clients on +# the applications processor to interact CHRE +type chre, domain; +type chre_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(chre) + diff --git a/vendor/qcom/common/cnd.te b/vendor/qcom/common/cnd.te new file mode 100644 index 0000000..8674fc8 --- /dev/null +++ b/vendor/qcom/common/cnd.te @@ -0,0 +1,8 @@ +#permissive cnd; +type cnd, domain, mlstrustedsubject; +type cnd_exec, exec_type, vendor_file_type, file_type; +file_type_auto_trans(cnd, socket_device, cnd_socket); + +# cnd is started by init, type transit from init domain to cnd domain +init_daemon_domain(cnd) + diff --git a/vendor/qcom/common/device.te b/vendor/qcom/common/device.te new file mode 100644 index 0000000..8f2f371 --- /dev/null +++ b/vendor/qcom/common/device.te @@ -0,0 +1,164 @@ +#Define the logging device type +type diag_device, dev_type, mlstrustedobject; +type smem_log_device, dev_type; + +#Define the hsic device +type hsic_device, dev_type; + +#Define the mhi device +type mhi_device, dev_type; + +#Define the bhi device +type bhi_device, dev_type; + +#device type for smd device nodes, ie /dev/smd* +type smd_device, dev_type; + +#device type for rmnet device nodes, ie /dev/rmnet_ctrl* +type rmnet_device, dev_type; + +#Define thermal-engine devices +type thermal_device, dev_type; + +#Define vm_bms devices +type vm_bms_device, dev_type; +type battery_data_device, dev_type; + +#Add qdsp_device type +type qdsp_device, dev_type, mlstrustedobject; +type dsp_device, dev_type; +type xdsp_device, dev_type; +#Define hvdcp/quickcharge device +type hvdcp_device, dev_type; + +#Define mpdecision device +type device_latency, dev_type; + +#Added for fm_radio device +type fm_radio_device, dev_type; + +#Add for storage pertitions for EFS partitions +type modem_efs_partition_device, dev_type; + +#Define device for partition links +type ssd_device, dev_type; +type rpmb_device, dev_type; +type sg_device, dev_type; +type dip_device, dev_type; +type mdtp_device, dev_type; +type sd_device, dev_type; + +#ESOC device +type esoc_device, dev_type; + +#SSR device +type ssr_device, dev_type; + +#Ramdump device +type ramdump_device, dev_type; + +#Kickstart bridge devices +type ksbridgehsic_device, dev_type; + +#EFS sync bridge devices +type efsbridgehsic_device, dev_type; + +#EFS sync block devices +type efs_boot_dev, dev_type; + +#MBA debug image partition +type mba_debug_dev, dev_type; + +#logdump partition +type logdump_partition, dev_type; + +#Bootselect partition +type bootselect_device, dev_type; + +#define usb_uicc_device for usb_uicc daemon +type usb_uicc_device, dev_type; + +# Define IPA devices +type ipa_dev, dev_type; + +type wcnss_device, dev_type; + +# Define spcom device +type spcom_device, dev_type; + +# Define skp device +type skp_device, dev_type; + +# Define sp_ssr device +type sp_ssr_device, dev_type; + +# Define sp_keymaster device +type sp_keymaster_device, dev_type; + +# Define sec_nvm devices +type sec_nvm_device, dev_type; + +# Define cryptoapp device +type cryptoapp_device, dev_type; + +# Define spdaemon_ssr device +type spdaemon_ssr_device, dev_type; + +# Define qsee_ipc_irq_spss device +type qsee_ipc_irq_spss_device, dev_type; + +# Define QDSS devices +type qdss_device, dev_type; + +#Define Gadget serial device +type gadget_serial_device, dev_type; + +#energy-awareness device +type pta_device, dev_type; + +#Added for hbtp +type bu21150_device, dev_type; +type hbtp_device, dev_type; + +#Define qfintverify device +type qce_device, dev_type; +type rng_device, dev_type; + +#Define system health monitor devices +type system_health_monitor_device, dev_type; + +#Define usf device +type usf_device, dev_type; + +#Define qbt1000 device - ultrasonic fingperprint sensor +type qbt1000_device, dev_type; + +#Define avtimer device +type avtimer_device, dev_type; + +#define AT device +type at_device, dev_type; + +#define Bluetooth device +type bt_device, dev_type; + +#define Wlan device +type wlan_device, dev_type; + +#Define rawdump block device +type rawdump_block_device, dev_type; + +#Block device for A/B partitions +type custom_ab_block_device, dev_type; +type xbl_block_device, dev_type; +type gpt_block_device, dev_type; +type modem_block_device, dev_type; +type uefi_block_device, dev_type; + +#define bgcom char device +type bg_daemon_device, dev_type; + +type persist_block_device, dev_type; + +#Define npu device +type npu_device, dev_type; diff --git a/vendor/qcom/common/diag.te b/vendor/qcom/common/diag.te new file mode 100644 index 0000000..afaa9e0 --- /dev/null +++ b/vendor/qcom/common/diag.te @@ -0,0 +1,5 @@ +type diag, domain; +type diag_exec, exec_type, vendor_file_type, file_type; +userdebug_or_eng(` + init_daemon_domain(diag) +') diff --git a/vendor/qcom/common/dtsconfigurator.te b/vendor/qcom/common/dtsconfigurator.te new file mode 100644 index 0000000..a97703e --- /dev/null +++ b/vendor/qcom/common/dtsconfigurator.te @@ -0,0 +1,6 @@ +type dtsconfigurator, domain; +type dtsconfigurator_exec, exec_type, vendor_file_type, file_type; + +#started by init +init_daemon_domain(dtsconfigurator) + diff --git a/vendor/qcom/common/dtseagleservice.te b/vendor/qcom/common/dtseagleservice.te new file mode 100644 index 0000000..caeb34e --- /dev/null +++ b/vendor/qcom/common/dtseagleservice.te @@ -0,0 +1,7 @@ +type dtseagleservice, domain; +type dtseagleservice_exec, exec_type, vendor_file_type, file_type; + +#Allow for transition from init domain to dtseagleservice +init_daemon_domain(dtseagleservice) + + diff --git a/vendor/qcom/common/energyawareness.te b/vendor/qcom/common/energyawareness.te new file mode 100644 index 0000000..8d1edde --- /dev/null +++ b/vendor/qcom/common/energyawareness.te @@ -0,0 +1,6 @@ +type energyawareness, domain; +type energyawareness_exec, exec_type, vendor_file_type, file_type; + +#started by init +init_daemon_domain(energyawareness) + diff --git a/vendor/qcom/common/esepmdaemon.te b/vendor/qcom/common/esepmdaemon.te new file mode 100644 index 0000000..86118a7 --- /dev/null +++ b/vendor/qcom/common/esepmdaemon.te @@ -0,0 +1,7 @@ +type esepmdaemon, domain; +type esepmdaemon_exec, exec_type, vendor_file_type, file_type; + +#Allow for transition from init domain to esepmdaemon +init_daemon_domain(esepmdaemon) + + diff --git a/vendor/qcom/common/fidodaemon.te b/vendor/qcom/common/fidodaemon.te new file mode 100644 index 0000000..bde9ce8 --- /dev/null +++ b/vendor/qcom/common/fidodaemon.te @@ -0,0 +1,7 @@ +type fidodaemon, domain; +type fidodaemon_exec, exec_type, vendor_file_type, file_type; + +#Allow for transition from init domain to fidodaemon +init_daemon_domain(fidodaemon) + + diff --git a/vendor/qcom/common/file.te b/vendor/qcom/common/file.te new file mode 100644 index 0000000..6c4ba27 --- /dev/null +++ b/vendor/qcom/common/file.te @@ -0,0 +1,357 @@ +# Default type for anything under /firmware. +type firmware_file, file_type, contextmount_type, vendor_file_type; + +# All files under /vendor/firmware +type vendor_firmware_file, vendor_file_type, file_type; + +#Define the qmux socket type +type qmuxd_socket, file_type; + +#Define the netmgrd socket type +type netmgrd_socket, file_type; + +#QTI file types +type vendor_qti_data_file, file_type, data_file_type; + +type proc_wifi_dbg, proc_type, fs_type; +#Define the pps socket type +type pps_socket, file_type; + +#Define the qdcmss socket type +type qdcmsocket_socket, file_type; + +# Define cnd socket and data file type +type cnd_socket, file_type, mlstrustedobject; +type cnd_data_file, file_type, data_file_type; +type chre_socket, file_type; + +# Define dpmd data file type +#type dpmd_socket, file_type; +#type dpmwrapper_socket, file_type, mlstrustedobject; +#type dpmd_data_file, file_type, data_file_type; +#typealias system_app_data_file alias dpmd_app_data_file; +#typealias system_app_data_file alias qtitetherservice_app_data_file; + +#Define the timeout for platform specific transports +type sysfs_hsic_modem_wait, sysfs_type, fs_type; +type sysfs_smd_open_timeout, sysfs_type, fs_type; + +#Define the files written during the operation of netmgrd and qmuxd +type netmgrd_data_file, file_type, data_file_type; +type sysrq_trigger_proc, fs_type, mlstrustedobject; +# Persist file types +type persist_file, file_type, vendor_persist_type; +type persist_bluetooth_file, file_type , vendor_persist_type; +type persist_data_file, file_type , vendor_persist_type; +type persist_drm_file, file_type , vendor_persist_type; +type data_qtee_file, file_type, data_file_type; +type vendor_persist_mmi_file, file_type, vendor_persist_type; +type persist_misc_file, file_type , vendor_persist_type; +type persist_bms_file, file_type , vendor_persist_type; +type persist_secnvm_file, file_type , vendor_persist_type; +type persist_hvdcp_file, file_type , vendor_persist_type; + +#file type for restricting proc read by audiod +type proc_audiod, fs_type, proc_type; + +#file type for irqbalance socket +type msm_irqbalance_socket, file_type; + +# Sensor file types +type sensors_socket, file_type; +type sensors_persist_file, file_type, vendor_persist_type; +type sysfs_sensors, sysfs_type, fs_type; + +#type for thermal-engine +type thermal_socket, file_type; +#type for uart +type sysfs_msmuart_file, sysfs_type, fs_type; + +# Storage RFS file types +type rfs_system_file, file_type; +type rfs_file, file_type, data_file_type; +type rfs_shared_hlos_file, file_type, data_file_type; +type persist_rfs_file, file_type, vendor_persist_type; +type persist_rfs_shared_hlos_file, file_type, vendor_persist_type; + +#mm-pp-daemon file type for sysfs access +#type sysfs_leds, fs_type, sysfs_type; + +#Define the files written during the operation of mm-pp-daemon +type data_ad_calib_cfg, file_type, data_file_type; + +#SurfaceFlinger file type for sysfs access +type sysfs_graphics, sysfs_type, fs_type; + +# USB/battery power supply type for hvdcp/quickcharge +type sysfs_usb_supply, sysfs_type, fs_type; +type sysfs_battery_supply, sysfs_type, fs_type; +type sysfs_usbpd_device, sysfs_type, fs_type; +# sysfs vadc device for hvdcp/quickcharge +type sysfs_vadc_dev, sysfs_type, fs_type; +# sysfs spmi device for hvdcp/quickcharge +type sysfs_spmi_dev, sysfs_type, fs_type; + +# sysfs qdss device for qcomsysd +type sysfs_qdss_dev, sysfs_type, fs_type; + +# sysfs poweron_alarm is used in init.target.rc +type sysfs_poweron_alarm, sysfs_type, fs_type; + +#Define the files written during the operation of mpdecision +type sysfs_mpdecision, fs_type, sysfs_type; +type sysfs_rqstats, fs_type, sysfs_type; +type sysfs_cpu_online, fs_type, sysfs_type; +type mpctl_socket, file_type, mlstrustedobject; +type mpctl_data_file, file_type, data_file_type; + +#Define the files used by lm +type lm_data_file, file_type, data_file_type; + +type sysfs_devfreq, fs_type, sysfs_type; +type sysfs_devfreq_l3cdsp, fs_type, sysfs_type; +type sysfs_mmc_host, fs_type, sysfs_type; +type sysfs_scsi_host, fs_type, sysfs_type; +type sysfs_cpu_boost, fs_type, sysfs_type; +type sysfs_msm_perf, fs_type, sysfs_type; +type sysfs_memory, fs_type, sysfs_type; +type sysfs_lib, fs_type, sysfs_type; +type sysfs_slpi, fs_type, sysfs_type; +type sysfs_process_reclaim, fs_type, sysfs_type; +type sysfs_vmpressure, fs_type, sysfs_type; + +#define the files writer during the operation of app state changes +type gamed_socket, file_type; + +#define the files writter during the operatio of iop +type iop_socket, file_type; +type iop_data_file, file_type, data_file_type; + +#Socket node needed by ims_data daemon +type ims_socket, file_type; + +#mink-lowi-interface-daemon (mlid) socket +type mlid_socket, file_type, mlstrustedobject; + +#ssg qmi gateway daemon socket +type ssgqmig_socket, file_type, mlstrustedobject; + +#ssg tz daemon socket +type ssgtzd_socket, file_type, mlstrustedobject; + +#location file types +type location_data_file, file_type, data_file_type; +type location_socket, file_type, data_file_type; +type location_app_data_file, file_type, data_file_type; + +#File types required by mdm-helper +type sysfs_esoc, sysfs_type, fs_type; +type sysfs_ssr, sysfs_type, fs_type; +type sysfs_ssr_toggle, sysfs_type, fs_type; +type sysfs_hsic, sysfs_type, fs_type; +type sysfs_hsic_host_rdy, sysfs_type, fs_type; + +# Files accessed by qcom-system-daemon +type sysfs_socinfo, fs_type, sysfs_type; + +#Define the sysfs files for usb_uicc_daemon +type sysfs_usb_uicc, sysfs_type, fs_type; + +type qlogd_socket, file_type, mlstrustedobject; +#Defines the files (configs, dumps, etc) used by display processes +type display_vendor_data_file, file_type, data_file_type; + +#Define the files for the operation of QDCM +type persist_display_file, file_type, vendor_persist_type; + +# IPA file types +type ipacm_socket, file_type; +type ipa_vendor_data_file, file_type, data_file_type; + +# vendor audio data file +type vendor_audio_data_file, file_type, data_file_type; + +# Tombstone vendor data +type vendor_tombstone_data_file, file_type, data_file_type; + +# Port-bridge file types +type port_bridge_data_file, file_type, data_file_type; + +#bluetooth firmware file types +type bt_firmware_file, file_type, contextmount_type, vendor_file_type; + +#needed by vold +type proc_dirty_ratio, fs_type, proc_type; + +#File types by mmi +type vendor_mmi_socket, file_type; + +# hbtp config file +type hbtp_cfg_file, file_type, vendor_file_type; +type hbtp_log_file, file_type, data_file_type; +type hbtp_kernel_sysfs, fs_type, sysfs_type; + +type persist_usf_file, file_type, vendor_persist_type; + +#qfp-daemon +type qfp-daemon_data_file, file_type, data_file_type; +type persist_qti_fp_file, file_type, vendor_persist_type; + +#qsee_svc_app file types +type qsee_svc_app_data_file, file_type, data_file_type; + +# imshelper_app file types +type imshelper_app_data_file, file_type, data_file_type; + +# RIDL data files +type RIDL_data_file, file_type, data_file_type; +type RIDL_socket, file_type, data_file_type; + +# qti_logkit data files (privileged and public) +type qti_logkit_priv_data_file, file_type, data_file_type; +type qti_logkit_pub_data_file, file_type, data_file_type; +type qti_logkit_priv_socket, file_type, data_file_type; +type qti_logkit_pub_socket, file_type, mlstrustedobject, data_file_type; + +# used for /dsp files +type adsprpcd_file, file_type, mlstrustedobject, vendor_file_type; + +#mdtp_svc_app file types +type mdtp_svc_app_data_file, file_type, data_file_type; + +# Regionalization files +type regionalization_file, file_type , vendor_persist_type; +type vendor_carrier_file, file_type, vendor_file_type; + +# /data/system/swap/swapfile - swapfile +type swap_data_file, file_type, data_file_type; + +# dynamic nv files +type dynamic_nv_data_file, file_type, data_file_type; + +# Wifi Data file +type wifi_vendor_data_file, file_type, data_file_type; +type wifi_vendor_wpa_socket, file_type, data_file_type; +type wifi_vendor_hostapd_socket, file_type, data_file_type; +type hostapd_socket, file_type, data_file_type; + +#widevine data file +type vendor_mediadrm_data_file, file_type, data_file_type; + +# wififtmd socket file +type wififtmd_socket, file_type; + +type persist_alarm_file, file_type, vendor_persist_type; + +type persist_time_file, file_type, vendor_persist_type; + +# nfc file type for data vendor access +type nfc_vendor_data_file, file_type, data_file_type; + +# kgsl file type for sysfs access +type sysfs_kgsl, sysfs_type, fs_type; +type sysfs_kgsl_proc, sysfs_type, fs_type; +# kgsl snapshot file type for sysfs access +type sysfs_kgsl_snapshot, sysfs_type, fs_type; + +# secure touch files +type sysfs_securetouch, fs_type, sysfs_type; + +#data sysfs files +type sysfs_data, fs_type, sysfs_type; + +#diag sysfs files +type sysfs_diag, fs_type, sysfs_type; + +#laser sysfs files +type sysfs_laser, fs_type, sysfs_type; + +# QDMA data files +type vendor_qdma_data_file, file_type, data_file_type; +type qdma_socket, file_type; + +# path to debugfs use this whic should be only used +# in debug builds +type qti_debugfs, fs_type, debugfs_type; + +# vendor radio files +type vendor_radio_data_file, file_type, data_file_type; + +# vendor MBN files +type vendor_mbn_data_file, file_type, data_file_type; + +#uio sysfs +type sysfs_uio_file, fs_type, sysfs_type; + +#irq balance sysfs type +type sysfs_irqbalance , sysfs_type, fs_type; + +# vpp files +type vendor_vpp_data_file, file_type, data_file_type; +type persist_vpp_file, file_type, vendor_persist_type; + +# vendor camera files +type vendor_camera_data_file, file_type, data_file_type; + +# vendor media files +type vendor_media_data_file, file_type, data_file_type; + +# wigig, fstman +type sysfs_bond0, fs_type, sysfs_type; +type sysfs_wigig, fs_type, sysfs_type; +type wigignpt_socket, file_type, data_file_type; + +# wigig_hostapd +type wigig_hostapd_socket, file_type, data_file_type; + +# ea sysfs files +type sysfs_ea, fs_type, sysfs_type; + +#audio sysfs files +type sysfs_audio, fs_type, sysfs_type; + +# lpm sysfs files +type sysfs_msm_stats, fs_type, sysfs_type; +type sysfs_msm_power, fs_type, sysfs_type; + +type sysfs_fm, sysfs_type, fs_type; + +# for adsp to load /sys/kernel/b ot_adsp/boot +type sysfs_boot_adsp, sysfs_type, fs_type; + +# SFS listener data file +type data_tzstorage_file, file_type, data_file_type; + +#TLOC Files +type tlocd_data_file, file_type, data_file_type; + +#DRM files +type data_qsee_file, file_type, data_file_type; + +#secure touch +type sysfs_sectouch, sysfs_type, fs_type; + +#TUI Files +type vendor_tui_data_file, file_type, data_file_type; + +#BT Files +type vendor_bt_data_file, file_type, data_file_type; + +#sysfs jpeg +type sysfs_jpeg, fs_type, sysfs_type; + +#SSR Log Files +type ramdump_vendor_data_file, file_type, data_file_type, mlstrustedobject; + +# npu file +type sysfs_npu, fs_type, sysfs_type; + +# subsystem_ramdump files +type vendor_ramdump_data_file, file_type, data_file_type; +type vendor_mdmhelperdata_data_file, file_type, data_file_type; + +#for mount of /persist +typeattribute mnt_vendor_file vendor_persist_type; + +#NNHAL files +type hal_neuralnetworks_data_file, file_type, data_file_type; diff --git a/vendor/qcom/common/file_contexts b/vendor/qcom/common/file_contexts new file mode 100644 index 0000000..9f7a345 --- /dev/null +++ b/vendor/qcom/common/file_contexts @@ -0,0 +1,337 @@ +################################### +# System files +# +/(vendor|system/vendor)/bin/ATFWD-daemon u:object_r:atfwd_exec:s0 +/(vendor|system/vendor)/bin/PktRspTest u:object_r:diag_exec:s0 +/(vendor|system/vendor)/bin/audiod u:object_r:audiod_exec:s0 +/(vendor|system/vendor)/bin/nqnfcinfo u:object_r:nqnfcinfo_exec:s0 +/(vendor|system/vendor)/bin/charger_monitor u:object_r:charger_monitor_exec:s0 +/(vendor|system/vendor)/bin/hvdcp_opti u:object_r:hvdcp_exec:s0 +/(vendor|system/vendor)/bin/cnd u:object_r:cnd_exec:s0 +/(vendor|system/vendor)/bin/diag_callback_client u:object_r:diag_exec:s0 +/(vendor|system/vendor)/bin/diag_dci_sample u:object_r:diag_exec:s0 +/(vendor|system/vendor)/bin/diag_klog u:object_r:diag_exec:s0 +/(vendor|system/vendor)/bin/diag_mdlog u:object_r:qlogd_exec:s0 +/(vendor|system/vendor)/bin/drmdiagapp u:object_r:diag_exec:s0 +/(vendor|system/vendor)/bin/diag_qshrink4_daemon u:object_r:diag_exec:s0 +/(vendor|system/vendor)/bin/diag_socket_log u:object_r:diag_exec:s0 +/(vendor|system/vendor)/bin/diag_uart_log u:object_r:diag_exec:s0 +/(vendor|system/vendor)/bin/diag_buffering_test u:object_r:diag_exec:s0 +/(vendor|system/vendor)/bin/irsc_util u:object_r:irsc_util_exec:s0 +/(vendor|system/vendor)/bin/qrtr-cfg u:object_r:qrtr_exec:s0 +/(vendor|system/vendor)/bin/qrtr-ns u:object_r:qrtr_exec:s0 +/(vendor|system/vendor)/bin/init\.qcom\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/init\.qcom\.class_core\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/init\.qcom\.bt\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/init\.qcom\.early_boot\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/init\.class_main\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/init\.qcom\.post_boot\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/init\.qcom\.sensors\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/init\.qcom\.usb\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/init\.mdm\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/init\.mdm\.crashdata\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/init\.qcom\.syspart_fixup\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/hcidump.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/hsic\.control\.bt\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/init\.ath3k\.bt\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/init\.crda\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/init\.qcom\.coex\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/init\.qcom\.debug-sdm660\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/init\.qcom\.debug\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/init\.qcom\.efs\.sync\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/init\.qti\.fm\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/init\.qcom\.sdio\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/init\.qcom\.uicc\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/init\.qcom\.wifi\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/init\.qti\.ims\.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/qca6234-service.sh u:object_r:qti_init_shell_exec:s0 +/(vendor|system/vendor)/bin/mm-pp-daemon u:object_r:mm-pp-daemon_exec:s0 +/(vendor|system/vendor)/bin/mm-pp-dpps u:object_r:mm-pp-daemon_exec:s0 +/(vendor|system/vendor)/bin/mmi u:object_r:vendor_mmi_exec:s0 +/(vendor|system/vendor)/bin/mmid u:object_r:vendor_mmi_exec:s0 +/(vendor|system/vendor)/bin/qdcmss u:object_r:qdcm-ss_exec:s0 +/(vendor|system/vendor)/bin/msm_irqbalance u:object_r:msm_irqbalanced_exec:s0 +/(vendor|system/vendor)/bin/imsdatadaemon u:object_r:ims_exec:s0 +/(vendor|system/vendor)/bin/imsqmidaemon u:object_r:ims_exec:s0 +/(vendor|system/vendor)/bin/ims_rtp_daemon u:object_r:hal_imsrtp_exec:s0 +/(vendor|system/vendor)/bin/netmgrd u:object_r:netmgrd_exec:s0 +/(vendor|system/vendor)/bin/qmuxd u:object_r:qmuxd_exec:s0 +/(vendor|system/vendor)/bin/port-bridge u:object_r:port-bridge_exec:s0 +/(vendor|system/vendor)/bin/sensors.qcom u:object_r:sensors_exec:s0 +/(vendor|system/vendor)/bin/sensors.qti u:object_r:sensors_exec:s0 +/(vendor|system/vendor)/bin/test_diag u:object_r:diag_exec:s0 +/(vendor|system/vendor)/bin/thermal-engine u:object_r:thermal-engine_exec:s0 +/(vendor|system/vendor)/bin/vm_bms u:object_r:vm_bms_exec:s0 +/(vendor|system/vendor)/bin/mm-qcamera-daemon u:object_r:mm-qcamerad_exec:s0 +/(vendor|system/vendor)/bin/qfp-daemon u:object_r:qfp-daemon_exec:s0 +/(vendor|system/vendor)/bin/qvop-daemon u:object_r:qvop-daemon_exec:s0 +/system/rfs.* u:object_r:rfs_system_file:s0 +/(vendor|system/vendor)/bin/time_daemon u:object_r:time_daemon_exec:s0 +/(vendor|system/vendor)/bin/rmt_storage u:object_r:rmt_storage_exec:s0 +/(vendor|system/vendor)/bin/rfs_access u:object_r:rfs_access_exec:s0 +/(vendor|system/vendor)/bin/tftp_server u:object_r:rfs_access_exec:s0 +/(vendor|system/vendor)/bin/hvdcp u:object_r:hvdcp_exec:s0 +/(vendor|system/vendor)/bin/qseecomd u:object_r:tee_exec:s0 +/(vendor|system/vendor)/bin/bg_daemon u:object_r:bg_daemon_exec:s0 +/(vendor|system/vendor)/bin/spdaemon u:object_r:spdaemon_exec:s0 +/(vendor|system/vendor)/bin/sec_nvm u:object_r:sec_nvm_exec:s0 +/(vendor|system/vendor)/bin/cnss-daemon u:object_r:wcnss_service_exec:s0 +/(vendor|system/vendor)/bin/hostapd_cli u:object_r:hostapd_exec:s0 +/(vendor|system/vendor)/bin/adsprpcd u:object_r:adsprpcd_exec:s0 +/(vendor|system/vendor)/bin/cdsprpcd u:object_r:cdsprpcd_exec:s0 +/(vendor|system/vendor)/bin/wpa_cli u:object_r:wcnss_service_exec:s0 +/(vendor|system/vendor)/bin/mdm_helper u:object_r:mdm_helper_exec:s0 +/(vendor|system/vendor)/bin/mdm_helper_proxy u:object_r:mdm_helper_exec:s0 +/(vendor|system/vendor)/bin/ks u:object_r:mdm_helper_exec:s0 +/(vendor|system/vendor)/bin/pm-service u:object_r:vendor_per_mgr_exec:s0 +/(vendor|system/vendor)/bin/pm-proxy u:object_r:vendor_per_mgr_exec:s0 +/(vendor|system/vendor)/bin/pd-mapper u:object_r:vendor_pd_mapper_exec:s0 +/(vendor|system/vendor)/bin/pd-api-test u:object_r:vendor_pd_mapper_exec:s0 +/(vendor|system/vendor)/bin/usb_uicc_client u:object_r:usb_uicc_daemon_exec:s0 +/(vendor|system/vendor)/bin/qcom-system-daemon u:object_r:vendor_qcomsysd_exec:s0 +/(vendor|system/vendor)/bin/poweroffhandler u:object_r:poweroffhandler_exec:s0 +/(vendor|system/vendor)/xbin/qlogd u:object_r:qlogd_exec:s0 +/(vendor|system/vendor)/bin/ipacm u:object_r:ipacm_exec:s0 +/(vendor|system/vendor)/bin/ipacm-diag u:object_r:ipacm-diag_exec:s0 +/(vendor|system/vendor)/bin/dpmQmiMgr u:object_r:hal_dpmQmiMgr_exec:s0 +#/(vendor|system/vendor)/bin/dpmd u:object_r:dpmd_exec:s0 +/(vendor|system/vendor)/bin/ssr_setup u:object_r:vendor_ssr_setup_exec:s0 +/(vendor|system/vendor)/bin/subsystem_ramdump u:object_r:vendor_subsystem_ramdump_exec:s0 +/(vendor|system/vendor)/bin/ssr_diag u:object_r:vendor_ssr_diag_exec:s0 +/(vendor|system/vendor)/bin/hw/qcrild u:object_r:rild_exec:s0 +/(vendor|system/vendor)/bin/hw/android\.hardware\.drm@1\.0-service.widevine u:object_r:hal_drm_widevine_exec:s0 +/(vendor|system/vendor)/bin/hw/android\.hardware\.gnss@.*-service-qti u:object_r:hal_gnss_qti_exec:s0 +/(vendor|system/vendor)/bin/hw/vendor\.qti\.gnss@.*-service u:object_r:hal_gnss_qti_exec:s0 +/(vendor|system/vendor)/bin/hw/android\.hardware\.bluetooth@1\.0-service-qti u:object_r:hal_bluetooth_qti_exec:s0 +/(vendor|system/vendor)/bin/hw/vendor\.display\.color@1\.0-service u:object_r:hal_display_color_default_exec:s0 +/(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.perf@1\.0-service u:object_r:hal_perf_default_exec:s0 +/(vendor|system/vendor)/bin/ssgqmigd u:object_r:ssgqmigd_exec:s0 +/(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.iop@1\.0-service u:object_r:hal_iop_default_exec:s0 +/(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.iop@2\.0-service u:object_r:hal_iop_default_exec:s0 +/(vendor|system/vendor)/bin/mlid u:object_r:mlid_exec:s0 +/(vendor|system/vendor)/bin/hw/vendor\.qti\.esepowermanager@1\.0-service u:object_r:hal_esepowermanager_qti_exec:s0 +/(vendor|system/vendor)/bin/loc_launcher u:object_r:location_exec:s0 +/(vendor|system/vendor)/bin/lowi-server u:object_r:location_exec:s0 +/(vendor|system/vendor)/bin/xtwifi-inet-agent u:object_r:location_exec:s0 +/(vendor|system/vendor)/bin/xtwifi-client u:object_r:location_exec:s0 +/(vendor|system/vendor)/bin/garden_app u:object_r:location_exec:s0 +/(vendor|system/vendor)/bin/DR_AP_Service u:object_r:location_exec:s0 +/(vendor|system/vendor)/bin/slim_daemon u:object_r:location_exec:s0 +/(vendor|system/vendor)/bin/xtra-daemon u:object_r:location_exec:s0 +/(vendor|system/vendor)/bin/energy-awareness u:object_r:energyawareness_exec:s0 +/(vendor|system/vendor)/bin/fidodaemon u:object_r:fidodaemon_exec:s0 +/(vendor|system/vendor)/bin/esepmdaemon u:object_r:esepmdaemon_exec:s0 +/(vendor|system/vendor)/bin/secotad u:object_r:secotad_exec:s0 +/(vendor|system/vendor)/bin/qseeproxydaemon u:object_r:qseeproxy_exec:s0 +/(vendor|system/vendor)/bin/dts_configurator u:object_r:dtsconfigurator_exec:s0 +/(vendor|system/vendor)/bin/dts_eagle_service u:object_r:dtseagleservice_exec:s0 +/(vendor|system/vendor)/bin/qti u:object_r:qti_exec:s0 +/(vendor|system/vendor)/bin/adpl u:object_r:adpl_exec:s0 +/(vendor|system/vendor)/bin/wcnss_service u:object_r:wcnss_service_exec:s0 +/(vendor|system/vendor)/bin/hbtp_daemon u:object_r:hbtp_exec:s0 +/(vendor|system/vendor)/bin/touch_fusion u:object_r:touchfusion_exec:s0 +/(vendor|system/vendor)/bin/seemp_healthd u:object_r:seemp_health_daemon_exec:s0 +/(vendor|system/vendor)/bin/sapd u:object_r:sapd_exec:s0 +/(vendor|system/vendor)/bin/btnvtool u:object_r:btnvtool_exec:s0 +/(vendor|system/vendor)/bin/btsnoop u:object_r:btsnoop_exec:s0 +/(vendor|system/vendor)/bin/wifidisplayhalservice u:object_r:wifidisplayhalservice_qti_exec:s0 +/(vendor|system/vendor)/bin/wcnss_filter u:object_r:wcnss_filter_exec:s0 +/(vendor|system/vendor)/bin/fmhal_service u:object_r:fmhal_service_exec:s0 +/(vendor|system/vendor)/bin/usf_epos u:object_r:usf_exec:s0 +/(vendor|system/vendor)/bin/usf_gesture u:object_r:usf_exec:s0 +/(vendor|system/vendor)/bin/usf_hovering u:object_r:usf_exec:s0 +/(vendor|system/vendor)/bin/usf_p2p u:object_r:usf_exec:s0 +/(vendor|system/vendor)/bin/usf_proximity u:object_r:usf_exec:s0 +/(vendor|system/vendor)/bin/usf_sync_gesture u:object_r:usf_exec:s0 +/(vendor|system/vendor)/bin/usf_sw_calib u:object_r:usf_exec:s0 +/(vendor|system/vendor)/bin/usf_pairing u:object_r:usf_exec:s0 +/(vendor|system/vendor)/bin/usf_tester u:object_r:usf_exec:s0 +/(vendor|system/vendor)/bin/LKCore u:object_r:qti_logkit_exec:s0 +/(vendor|system/vendor)/bin/tbaseLoader u:object_r:tbaseLoader_exec:s0 +/(vendor|system/vendor)/bin/mcStarter u:object_r:mcStarter_exec:s0 +/(vendor|system/vendor)/bin/fstman u:object_r:fstman_exec:s0 +/(vendor|system/vendor)/bin/wigighalsvc u:object_r:wigighalsvc_exec:s0 +/(vendor|system/vendor)/bin/wigignpt u:object_r:wigignpt_exec:s0 +/(vendor|system/vendor)/bin/mdtpd u:object_r:mdtpdaemon_exec:s0 +/(vendor|system/vendor)/bin/wifi_ftmd u:object_r:wifi_ftmd_exec:s0 +/(vendor|system/vendor)/bin/fingerprint.qcom u:object_r:fps_hal_exec:s0 +/(vendor|system/vendor)/bin/hw/android\.hardware\.keymaster@3\.0-service-qti u:object_r:hal_keymaster_qti_exec:s0 +/(vendor|system/vendor)/bin/hw/android\.hardware\.keymaster@4\.0-service-qti u:object_r:hal_keymaster_qti_exec:s0 +/(vendor|system/vendor)/bin/hw/android\.hardware\.keymaster@4\.0-strongbox-service-qti u:object_r:hal_keymaster_qti_exec:s0 +/(vendor|system/vendor)/bin/hw/android\.hardware\.gatekeeper@1\.0-service-qti u:object_r:hal_gatekeeper_qti_exec:s0 +/(vendor|system/vendor)/bin/hw/vendor\.nxp\.hardware\.nfc@1\.0-service u:object_r:hal_nfc_default_exec:s0 +/(vendor|system/vendor)/bin/hw/vendor\.nxp\.hardware\.nfc@1\.1-service u:object_r:hal_nfc_default_exec:s0 +/(vendor|system/vendor)/bin/qdmastatsd u:object_r:qdmastatsd_exec:s0 +/(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.alarm@1\.0-service u:object_r:hal_alarm_qti_default_exec:s0 +/(vendor|system/vendor)/bin/imsrcsd u:object_r:hal_rcsservice_exec:s0 +/(vendor|system/vendor)/bin/vppservice u:object_r:vendor_vppservice_exec:s0 +/(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.qteeconnector@1\.0-service u:object_r:hal_qteeconnector_qti_exec:s0 +/(vendor|system/vendor)/bin/fm_qsoc_patches u:object_r:fm_qsoc_patches_exec:s0 +/(vendor|system/vendor)/bin/chre u:object_r:chre_exec:s0 +/(vendor|system/vendor)/bin/tloc_daemon u:object_r:tlocd_exec:s0 +/(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.factory@1\.0-service u:object_r:vendor_hal_factory_qti_default_exec:s0 +/(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.display\.allocator@1\.0-service u:object_r:hal_graphics_allocator_default_exec:s0 +/(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.tui_comm@1\.0-service-qti u:object_r:hal_tui_comm_qti_exec:s0 +/(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.soter@1\.0-service u:object_r:hal_soter_qti_exec:s0 +/(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.qdutils_disp@1\.0-service-qti u:object_r:hal_qdutils_disp_qti_exec:s0 +/(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.sensorscalibrate@1\.0-service u:object_r:hal_sensorscalibrate_qti_default_exec:s0 +/(vendor|system/vendor)/bin/power_off_alarm u:object_r:power_off_alarm_exec:s0 +/vendor/bin/hw/vendor\.qti\.hardware\.vibrator@1\.[0-2]-service u:object_r:hal_vibrator_default_exec:s0 + +################################### +# persist files +# +/persist(/.*)? u:object_r:mnt_vendor_file:s0 +/mnt/vendor/persist/bluetooth(/.*)? u:object_r:persist_bluetooth_file:s0 +/mnt/vendor/persist/drm(/.*)? u:object_r:persist_drm_file:s0 +/mnt/vendor/persist/sensors(/.*)? u:object_r:sensors_persist_file:s0 +/mnt/vendor/persist/alarm(/.*)? u:object_r:persist_alarm_file:s0 +/mnt/vendor/persist/time(/.*)? u:object_r:persist_time_file:s0 +/mnt/vendor/persist/data(/.*)? u:object_r:persist_drm_file:s0 +/mnt/vendor/persist/data/tz(/.*)? u:object_r:persist_drm_file:s0 +/mnt/vendor/persist/data/sfs(/.*)? u:object_r:persist_drm_file:s0 +/mnt/vendor/persist/qti_fp(/.*)? u:object_r:persist_qti_fp_file:s0 +/mnt/vendor/persist/usf(/.*)? u:object_r:persist_usf_file:s0 +/mnt/vendor/persist/hlos_rfs(/.*)? u:object_r:persist_rfs_shared_hlos_file:s0 +/mnt/vendor/persist/display(/.*)? u:object_r:persist_display_file:s0 +/mnt/vendor/persist/rfs.* u:object_r:persist_rfs_file:s0 +/mnt/vendor/persist/speccfg(/.*)? u:object_r:regionalization_file:s0 +/mnt/vendor/persist/misc(/.*)? u:object_r:persist_misc_file:s0 +/mnt/vendor/persist/bms(/.*)? u:object_r:persist_bms_file:s0 +/mnt/vendor/persist/vpp(/.*)? u:object_r:persist_vpp_file:s0 +/mnt/vendor/persist/secnvm(/.*)? u:object_r:persist_secnvm_file:s0 +/mnt/vendor/persist/FTM_AP(/.*)? u:object_r:vendor_persist_mmi_file:s0 +/mnt/vendor/persist/hvdcp_opti(/.*)? u:object_r:persist_hvdcp_file:s0 + + +# persist changes for backword comptaibily +/persist/bluetooth(/.*)? u:object_r:persist_bluetooth_file:s0 +/persist/drm(/.*)? u:object_r:persist_drm_file:s0 +/persist/sensors(/.*)? u:object_r:sensors_persist_file:s0 +/persist/alarm(/.*)? u:object_r:persist_alarm_file:s0 +/persist/time(/.*)? u:object_r:persist_time_file:s0 +/persist/data(/.*)? u:object_r:persist_drm_file:s0 +/persist/data/tz(/.*)? u:object_r:persist_drm_file:s0 +/persist/data/sfs(/.*)? u:object_r:persist_drm_file:s0 +/persist/qti_fp(/.*)? u:object_r:persist_qti_fp_file:s0 +/persist/usf(/.*)? u:object_r:persist_usf_file:s0 +/persist/hlos_rfs(/.*)? u:object_r:persist_rfs_shared_hlos_file:s0 +/persist/display(/.*)? u:object_r:persist_display_file:s0 +/persist/rfs.* u:object_r:persist_rfs_file:s0 +/persist/speccfg(/.*)? u:object_r:regionalization_file:s0 +/persist/misc(/.*)? u:object_r:persist_misc_file:s0 +/persist/bms(/.*)? u:object_r:persist_bms_file:s0 +/persist/vpp(/.*)? u:object_r:persist_vpp_file:s0 +/persist/secnvm(/.*)? u:object_r:persist_secnvm_file:s0 +/persist/FTM_AP(/.*)? u:object_r:vendor_persist_mmi_file:s0 + + +################################### +# etc files +# +/vendor/etc/hbtp/* u:object_r:hbtp_cfg_file:s0 + +################################### +# adsp files +# +/(vendor|system/vendor)/dsp(/.*)? u:object_r:adsprpcd_file:s0 +/dsp(/.*)? u:object_r:adsprpcd_file:s0 + +################################### +# cache files +# + +################################### +# vendor files +# +/vendor/package(/.*)? u:object_r:vendor_carrier_file:s0 +/vendor/package(/.*)?/overlay(/.*)? u:object_r:vendor_overlay_file:s0 +/vendor/package(/.*)?/app(/.*)? u:object_r:vendor_app_file:s0 + +# same-process HAL files and their dependencies +# +/vendor/lib(64)?/hw/gralloc\.msm8998\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/hw/android\.hardware\.graphics\.mapper@2\.0-impl-qti-display\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/vendor\.qti\.hardware\.display\.mapper@1\.0\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libqdMetaData\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libqservice\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libqdutils\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libadreno_utils\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libgsl\.so u:object_r:same_process_hal_file:s0 + +/vendor/lib(64)?/hw/vulkan\.msm8998\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libEGL_adreno\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libGLESv1_CM_adreno\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libGLESv2_adreno\.so u:object_r:same_process_hal_file:s0 + +/vendor/lib(64)?/libdrmutils\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libdrm\.so u:object_r:same_process_hal_file:s0 + +/vendor/lib(64)?/libavenhancements\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libgrallocutils\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libgralloccore\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libExtendedExtractor.so u:object_r:same_process_hal_file:s0 +# RenderScript dependencies. +# To test: run cts -m CtsRenderscriptTestCases +/vendor/lib(64)?/libRSDriver_adreno\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libCB\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libllvm-qgl\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libbccQTI\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libllvm-qcom\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/librs_adreno\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/librs_adreno_sha1\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libqti-perfd-client\.so u:object_r:same_process_hal_file:s0 +# perf-hal client lib (included by libqti-perfd-client.so) +/vendor/lib(64)?/vendor\.qti\.hardware\.perf@1\.0\.so u:object_r:same_process_hal_file:s0 + +# libGLESv2_adreno depends on this +/vendor/lib(64)?/libllvm-glnext\.so u:object_r:same_process_hal_file:s0 + +# libOpenCL and its dependencies +/vendor/lib(64)?/libOpenCL\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libq3dtools_adreno\.so u:object_r:same_process_hal_file:s0 + +# hbtp dependencies +/vendor/lib(64)?/libhbtpitsjni\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libhbtpdbgclientjni\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libhbtpjni\.so u:object_r:same_process_hal_file:s0 + +#Loaded by native loader (zygote) for all processes +/vendor/lib(64)?/libhalide_hexagon_host\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libadsprpc\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libcdsprpc\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libsdsprpc\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libdiag\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libtime_genoff\.so u:object_r:same_process_hal_file:s0 + +# libmmi_jni +/vendor/lib(64)?/libmmi_jni\.so u:object_r:same_process_hal_file:s0 + +# Fastcv libs +/vendor/lib(64)?/libfastcvdsp_stub\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libfastcvadsp_stub\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libfastcvopt\.so u:object_r:same_process_hal_file:s0 + +# SVA files +/vendor/lib(64)?/liblistenjni\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/liblistensoundmodel2\.so u:object_r:same_process_hal_file:s0 +################################### +# firmware images +# +/vendor/firmware(/.*)? u:object_r:vendor_firmware_file:s0 +/system/etc/firmware(/.*)? u:object_r:firmware_file:s0 +/system/vendor/firmware(/.*)? u:object_r:firmware_file:s0 +/firmware/image(/.*)? u:object_r:firmware_file:s0 +/vendor/bt_firmware(/.*)? u:object_r:bt_firmware_file:s0 +/vendor/firmware_mnt(/.*)? u:object_r:firmware_file:s0 + +/bt_firmware/bt_firmware(/.*)? u:object_r:bt_firmware_file:s0 + +/(vendor|system/vendor)/bin/grep u:object_r:vendor_toolbox_exec:s0 +################################## +#vendor toolbox +# +/(vendor|system/vendor)/bin/toolbox_vendor u:object_r:vendor_toolbox_exec:s0 + +#Android NN Driver +/(vendor|system/vendor)/bin/hw/android\.hardware\.neuralnetworks@1\.1-service-qti u:object_r:hal_neuralnetworks_default_exec:s0 diff --git a/vendor/qcom/common/fm.te b/vendor/qcom/common/fm.te new file mode 100644 index 0000000..17747e6 --- /dev/null +++ b/vendor/qcom/common/fm.te @@ -0,0 +1,2 @@ +type fm_qsoc_patches, domain; +type fm_qsoc_patches_exec, exec_type, vendor_file_type, file_type; diff --git a/vendor/qcom/common/fps_hal.te b/vendor/qcom/common/fps_hal.te new file mode 100644 index 0000000..1ffc482 --- /dev/null +++ b/vendor/qcom/common/fps_hal.te @@ -0,0 +1,6 @@ +type fps_hal, domain; +type fps_hal_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(fps_hal) + + diff --git a/vendor/qcom/common/fstman.te b/vendor/qcom/common/fstman.te new file mode 100644 index 0000000..015496b --- /dev/null +++ b/vendor/qcom/common/fstman.te @@ -0,0 +1,4 @@ +type fstman, domain; +type fstman_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(fstman) diff --git a/vendor/qcom/common/gamed.te b/vendor/qcom/common/gamed.te new file mode 100644 index 0000000..e5178ac --- /dev/null +++ b/vendor/qcom/common/gamed.te @@ -0,0 +1,4 @@ +type gamed, domain; +type gamed_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(gamed) diff --git a/vendor/qcom/common/hal_alarm_qti_default.te b/vendor/qcom/common/hal_alarm_qti_default.te new file mode 100644 index 0000000..653d233 --- /dev/null +++ b/vendor/qcom/common/hal_alarm_qti_default.te @@ -0,0 +1,5 @@ +type hal_alarm_qti_default, domain; + +type hal_alarm_qti_default_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(hal_alarm_qti_default) + diff --git a/vendor/qcom/common/hal_bluetooth_qti.te b/vendor/qcom/common/hal_bluetooth_qti.te new file mode 100644 index 0000000..589ecb3 --- /dev/null +++ b/vendor/qcom/common/hal_bluetooth_qti.te @@ -0,0 +1,6 @@ +type hal_bluetooth_qti, domain; + +type hal_bluetooth_qti_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(hal_bluetooth_qti) + + diff --git a/vendor/qcom/common/hal_display_color.te b/vendor/qcom/common/hal_display_color.te new file mode 100644 index 0000000..85883e2 --- /dev/null +++ b/vendor/qcom/common/hal_display_color.te @@ -0,0 +1,5 @@ +type hal_display_color_default, domain; +type hal_display_color_default_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(hal_display_color_default) + + diff --git a/vendor/qcom/common/hal_dpmQmiMgr.te b/vendor/qcom/common/hal_dpmQmiMgr.te new file mode 100644 index 0000000..635b8f0 --- /dev/null +++ b/vendor/qcom/common/hal_dpmQmiMgr.te @@ -0,0 +1,7 @@ +type hal_dpmQmiMgr, domain; + +type hal_dpmQmiMgr_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(hal_dpmQmiMgr) + + diff --git a/vendor/qcom/common/hal_drm_widevine.te b/vendor/qcom/common/hal_drm_widevine.te new file mode 100644 index 0000000..b373912 --- /dev/null +++ b/vendor/qcom/common/hal_drm_widevine.te @@ -0,0 +1,6 @@ +type hal_drm_widevine, domain; + +type hal_drm_widevine_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(hal_drm_widevine) + + diff --git a/vendor/qcom/common/hal_esepowermanager_qti.te b/vendor/qcom/common/hal_esepowermanager_qti.te new file mode 100644 index 0000000..df2c45b --- /dev/null +++ b/vendor/qcom/common/hal_esepowermanager_qti.te @@ -0,0 +1,6 @@ +type hal_esepowermanager_qti, domain; + +type hal_esepowermanager_qti_exec, exec_type, file_type, vendor_file_type; +init_daemon_domain(hal_esepowermanager_qti) + + diff --git a/vendor/qcom/common/hal_factory_qti_default.te b/vendor/qcom/common/hal_factory_qti_default.te new file mode 100644 index 0000000..53838bf --- /dev/null +++ b/vendor/qcom/common/hal_factory_qti_default.te @@ -0,0 +1,5 @@ +type vendor_hal_factory_qti_default, domain; + +type vendor_hal_factory_qti_default_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(vendor_hal_factory_qti_default) + diff --git a/vendor/qcom/common/hal_gatekeeper_qti.te b/vendor/qcom/common/hal_gatekeeper_qti.te new file mode 100644 index 0000000..00fae23 --- /dev/null +++ b/vendor/qcom/common/hal_gatekeeper_qti.te @@ -0,0 +1,6 @@ +type hal_gatekeeper_qti, domain; + +type hal_gatekeeper_qti_exec, exec_type, file_type, vendor_file_type; +init_daemon_domain(hal_gatekeeper_qti) + + diff --git a/vendor/qcom/common/hal_gnss_qti.te b/vendor/qcom/common/hal_gnss_qti.te new file mode 100644 index 0000000..b0e0786 --- /dev/null +++ b/vendor/qcom/common/hal_gnss_qti.te @@ -0,0 +1,5 @@ +# hal_gnss_qti - binerized gnss hal +type hal_gnss_qti, domain; +type hal_gnss_qti_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(hal_gnss_qti) + diff --git a/vendor/qcom/common/hal_imsrtp.te b/vendor/qcom/common/hal_imsrtp.te new file mode 100644 index 0000000..36da549 --- /dev/null +++ b/vendor/qcom/common/hal_imsrtp.te @@ -0,0 +1,7 @@ +#ims rtp service +type hal_imsrtp, domain; +type hal_imsrtp_exec, exec_type, vendor_file_type, file_type; + +# Started by init +init_daemon_domain(hal_imsrtp) + diff --git a/vendor/qcom/common/hal_iop_default.te b/vendor/qcom/common/hal_iop_default.te new file mode 100644 index 0000000..fc251f1 --- /dev/null +++ b/vendor/qcom/common/hal_iop_default.te @@ -0,0 +1,6 @@ +type hal_iop_default, domain, mlstrustedsubject; + +type hal_iop_default_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(hal_iop_default) + + diff --git a/vendor/qcom/common/hal_keymaster_qti.te b/vendor/qcom/common/hal_keymaster_qti.te new file mode 100644 index 0000000..1eca682 --- /dev/null +++ b/vendor/qcom/common/hal_keymaster_qti.te @@ -0,0 +1,6 @@ +type hal_keymaster_qti, domain; + +type hal_keymaster_qti_exec, exec_type, file_type, vendor_file_type; +init_daemon_domain(hal_keymaster_qti) + + diff --git a/vendor/qcom/common/hal_neuralnetworks.te b/vendor/qcom/common/hal_neuralnetworks.te new file mode 100644 index 0000000..cf83e2d --- /dev/null +++ b/vendor/qcom/common/hal_neuralnetworks.te @@ -0,0 +1,6 @@ +type hal_neuralnetworks_default, domain; + +type hal_neuralnetworks_default_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(hal_neuralnetworks_default) + + diff --git a/vendor/qcom/common/hal_perf_default.te b/vendor/qcom/common/hal_perf_default.te new file mode 100644 index 0000000..7762c4b --- /dev/null +++ b/vendor/qcom/common/hal_perf_default.te @@ -0,0 +1,6 @@ +type hal_perf_default, domain; + +type hal_perf_default_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(hal_perf_default) + + diff --git a/vendor/qcom/common/hal_qdutils_disp_qti.te b/vendor/qcom/common/hal_qdutils_disp_qti.te new file mode 100644 index 0000000..49a8d34 --- /dev/null +++ b/vendor/qcom/common/hal_qdutils_disp_qti.te @@ -0,0 +1,6 @@ +type hal_qdutils_disp_qti, domain; + +type hal_qdutils_disp_qti_exec, exec_type, file_type, vendor_file_type; +init_daemon_domain(hal_qdutils_disp_qti) + + diff --git a/vendor/qcom/common/hal_qteeconnector_qti.te b/vendor/qcom/common/hal_qteeconnector_qti.te new file mode 100644 index 0000000..da08c18 --- /dev/null +++ b/vendor/qcom/common/hal_qteeconnector_qti.te @@ -0,0 +1,6 @@ +#define the type +type hal_qteeconnector_qti, domain; + +#allow the service to be started by init +type hal_qteeconnector_qti_exec, exec_type, file_type, vendor_file_type; +init_daemon_domain(hal_qteeconnector_qti) diff --git a/vendor/qcom/common/hal_rcsservice.te b/vendor/qcom/common/hal_rcsservice.te new file mode 100644 index 0000000..89170c4 --- /dev/null +++ b/vendor/qcom/common/hal_rcsservice.te @@ -0,0 +1,6 @@ +type hal_rcsservice, domain; +type hal_rcsservice_exec, exec_type, vendor_file_type, file_type; + +# Started by init +init_daemon_domain(hal_rcsservice) + diff --git a/vendor/qcom/common/hal_sensorscalibrate_qti_default.te b/vendor/qcom/common/hal_sensorscalibrate_qti_default.te new file mode 100644 index 0000000..26c876c --- /dev/null +++ b/vendor/qcom/common/hal_sensorscalibrate_qti_default.te @@ -0,0 +1,6 @@ +type hal_sensorscalibrate_qti_default, domain; + +type hal_sensorscalibrate_qti_default_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(hal_sensorscalibrate_qti_default) + + diff --git a/vendor/qcom/common/hal_soter_qti.te b/vendor/qcom/common/hal_soter_qti.te new file mode 100755 index 0000000..44e5807 --- /dev/null +++ b/vendor/qcom/common/hal_soter_qti.te @@ -0,0 +1,5 @@ +type hal_soter_qti, domain; + +type hal_soter_qti_exec, exec_type, file_type, vendor_file_type; +init_daemon_domain(hal_soter_qti) + diff --git a/vendor/qcom/common/hal_tui_comm_qti.te b/vendor/qcom/common/hal_tui_comm_qti.te new file mode 100644 index 0000000..53620be --- /dev/null +++ b/vendor/qcom/common/hal_tui_comm_qti.te @@ -0,0 +1,6 @@ +type hal_tui_comm_qti, domain; + +type hal_tui_comm_qti_exec, exec_type, file_type, vendor_file_type; +init_daemon_domain(hal_tui_comm_qti) + + diff --git a/vendor/qcom/common/hbtp.te b/vendor/qcom/common/hbtp.te new file mode 100644 index 0000000..2cc23d4 --- /dev/null +++ b/vendor/qcom/common/hbtp.te @@ -0,0 +1,5 @@ +# Policies for hbtp (host based touch processing) +type hbtp, domain; +type hbtp_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(hbtp) + diff --git a/vendor/qcom/common/hostapd.te b/vendor/qcom/common/hostapd.te new file mode 100644 index 0000000..13336ee --- /dev/null +++ b/vendor/qcom/common/hostapd.te @@ -0,0 +1,5 @@ +# userspace wifi access points +type hostapd, domain; +type hostapd_exec, exec_type, vendor_file_type, file_type; + + diff --git a/vendor/qcom/common/hvdcp.te b/vendor/qcom/common/hvdcp.te new file mode 100644 index 0000000..9426727 --- /dev/null +++ b/vendor/qcom/common/hvdcp.te @@ -0,0 +1,8 @@ +# HVDVP quickcharge +type hvdcp, domain; +type hvdcp_exec, exec_type, vendor_file_type, file_type; + +# Make transition to its own HVDCP domain from init +init_daemon_domain(hvdcp) + + diff --git a/vendor/qcom/common/hwservice.te b/vendor/qcom/common/hwservice.te new file mode 100644 index 0000000..2219467 --- /dev/null +++ b/vendor/qcom/common/hwservice.te @@ -0,0 +1,27 @@ +type hal_display_color_hwservice, hwservice_manager_type; +type hal_display_config_hwservice, hwservice_manager_type; +type hal_display_postproc_hwservice, hwservice_manager_type; +type hal_hbtp_hwservice, hwservice_manager_type; +type hal_dpmqmi_hwservice, hwservice_manager_type; +type hal_imsrtp_hwservice, hwservice_manager_type; +type hal_imscallinfo_hwservice, hwservice_manager_type; +type hal_perf_hwservice, hwservice_manager_type, untrusted_app_visible_hwservice; +type wifidisplayhalservice_hwservice, hwservice_manager_type; +type hal_iop_hwservice, hwservice_manager_type; +type hal_alarm_qti_hwservice, hwservice_manager_type; +type hal_datafactory_hwservice, hwservice_manager_type; +type hal_cne_hwservice, hwservice_manager_type; +type hal_latency_hwservice, hwservice_manager_type; +type hal_imsrcsd_hwservice, hwservice_manager_type; +type hal_ipacm_hwservice, hwservice_manager_type; +type hal_vpp_hwservice, hwservice_manager_type; +type hal_wigig_hwservice, hwservice_manager_type; +type hal_qteeconnector_hwservice, hwservice_manager_type; +type hal_esepowermanager_hwservice, hwservice_manager_type; +type hal_voiceprint_hwservice, hwservice_manager_type; +type vendor_hal_factory_qti_hwservice, hwservice_manager_type; +type hal_wigig_npt_hwservice, hwservice_manager_type; +type hal_soter_hwservice, hwservice_manager_type; +type hal_tui_comm_hwservice, hwservice_manager_type; +type hal_qdutils_disp_hwservice, hwservice_manager_type; +type hal_sensorscalibrate_qti_hwservice, hwservice_manager_type; diff --git a/vendor/qcom/common/ims.te b/vendor/qcom/common/ims.te new file mode 100644 index 0000000..ffea667 --- /dev/null +++ b/vendor/qcom/common/ims.te @@ -0,0 +1,7 @@ +#integrated sensor process +type ims, domain; +type ims_exec, exec_type, vendor_file_type, file_type; + +# Started by init +init_daemon_domain(ims) + diff --git a/vendor/qcom/common/imshelper_app.te b/vendor/qcom/common/imshelper_app.te new file mode 100644 index 0000000..9455589 --- /dev/null +++ b/vendor/qcom/common/imshelper_app.te @@ -0,0 +1,2 @@ +type imshelper_app, domain; + diff --git a/vendor/qcom/common/init_shell.te b/vendor/qcom/common/init_shell.te new file mode 100644 index 0000000..661c297 --- /dev/null +++ b/vendor/qcom/common/init_shell.te @@ -0,0 +1,9 @@ +# Restricted domain for shell processes spawned by init. +# Normally these are shell commands or scripts invoked via sh +# from an init*.rc file. No service should ever run in this domain. +type qti_init_shell, domain; +type qti_init_shell_exec, exec_type, vendor_file_type,file_type; + +init_daemon_domain(qti_init_shell) + + diff --git a/vendor/qcom/common/ioctl_defines b/vendor/qcom/common/ioctl_defines new file mode 100644 index 0000000..8e3976e --- /dev/null +++ b/vendor/qcom/common/ioctl_defines @@ -0,0 +1,55 @@ +# gpu_device ioctls defined in the kernel in include/uapi/linux/msm_kgsl.h +define(`IOCTL_KGSL_DEVICE_GETPROPERTY', `0x00000902') +define(`IOCTL_KGSL_DEVICE_WAITTIMESTAMP', `0x00000906') +define(`IOCTL_KGSL_DEVICE_WAITTIMESTAMP_CTXTID', `0x00000907') +define(`IOCTL_KGSL_RINGBUFFER_ISSUEIBCMDS', `0x00000910') +define(`IOCTL_KGSL_CMDSTREAM_READTIMESTAMP', `0x00000911') +define(`IOCTL_KGSL_CMDSTREAM_FREEMEMONTIMESTAMP', `0x00000912') +define(`IOCTL_KGSL_DRAWCTXT_CREATE', `0x00000913') +define(`IOCTL_KGSL_DRAWCTXT_DESTROY', `0x00000914') +define(`IOCTL_KGSL_MAP_USER_MEM', `0x00000915') +define(`IOCTL_KGSL_CMDSTREAM_READTIMESTAMP_CTXTID', `0x00000916') +define(`IOCTL_KGSL_CMDSTREAM_FREEMEMONTIMESTAMP_CTXTID', `0x00000917') +define(`IOCTL_KGSL_SHAREDMEM_FROM_PMEM', `0x00000920') +define(`IOCTL_KGSL_SHAREDMEM_FREE', `0x00000921') +define(`IOCTL_KGSL_DRAWCTXT_BIND_GMEM_SHADOW', `0x00000922') +define(`IOCTL_KGSL_SHAREDMEM_FROM_VMALLOC', `0x00000923') +define(`IOCTL_KGSL_SHAREDMEM_FLUSH_CACHE', `0x00000924') +define(`IOCTL_KGSL_DRAWCTXT_SET_BIN_BASE_OFFSET', `0x00000925') +define(`IOCTL_KGSL_CMDWINDOW_WRITE', `0x0000092e') +define(`IOCTL_KGSL_GPUMEM_ALLOC', `0x0000092f') +define(`IOCTL_KGSL_CFF_SYNCMEM', `0x00000930') +define(`IOCTL_KGSL_CFF_USER_EVENT', `0x00000931') +define(`IOCTL_KGSL_SETPROPERTY', `0x00000932') +define(`IOCTL_KGSL_TIMESTAMP_EVENT', `0x00000933') +define(`IOCTL_KGSL_GPUMEM_ALLOC_ID', `0x00000934') +define(`IOCTL_KGSL_GPUMEM_FREE_ID', `0x00000935') +define(`IOCTL_KGSL_GPUMEM_GET_INFO', `0x00000936') +define(`IOCTL_KGSL_GPUMEM_SYNC_CACHE', `0x00000937') +define(`IOCTL_KGSL_PERFCOUNTER_GET', `0x00000938') +define(`IOCTL_KGSL_PERFCOUNTER_PUT', `0x00000939') +define(`IOCTL_KGSL_PERFCOUNTER_QUERY', `0x0000093a') +define(`IOCTL_KGSL_PERFCOUNTER_READ', `0x0000093b') +define(`IOCTL_KGSL_GPUMEM_SYNC_CACHE_BULK', `0x0000093c') +define(`IOCTL_KGSL_SUBMIT_COMMANDS', `0x0000093d') +define(`IOCTL_KGSL_SYNCSOURCE_CREATE', `0x00000940') +define(`IOCTL_KGSL_SYNCSOURCE_DESTROY', `0x00000941') +define(`IOCTL_KGSL_SYNCSOURCE_CREATE_FENCE', `0x00000942') +define(`IOCTL_KGSL_SYNCSOURCE_SIGNAL_FENCE', `0x00000943') +define(`IOCTL_KGSL_CFF_SYNC_GPUOBJ', `0x00000944') +define(`IOCTL_KGSL_GPUOBJ_ALLOC', `0x00000945') +define(`IOCTL_KGSL_GPUOBJ_FREE', `0x00000946') +define(`IOCTL_KGSL_GPUOBJ_INFO', `0x00000947') +define(`IOCTL_KGSL_GPUOBJ_IMPORT', `0x00000948') +define(`IOCTL_KGSL_GPUOBJ_SYNC', `0x00000949') +define(`IOCTL_KGSL_GPU_COMMAND', `0x0000094a') +define(`IOCTL_KGSL_PREEMPTIONCOUNTER_QUERY', `0x0000094b') +define(`IOCTL_KGSL_GPUOBJ_SET_INFO', `0x0000094c') + +# socket ioctls defined in the kernel in include/uapi/linux/msm_ipc.h +define(`IPC_ROUTER_IOCTL_GET_VERSION', `0x0000c300') +define(`IPC_ROUTER_IOCTL_GET_MTU', `0x0000c301') +define(`IPC_ROUTER_IOCTL_LOOKUP_SERVER', `0x0000c302') +define(`IPC_ROUTER_IOCTL_GET_CURR_PKT_SIZE', `0x0000c303') +define(`IPC_ROUTER_IOCTL_BIND_CONTROL_PORT', `0x0000c304') +define(`IPC_ROUTER_IOCTL_CONFIG_SEC_RULES', `0x0000c305') diff --git a/vendor/qcom/common/ioctl_macros b/vendor/qcom/common/ioctl_macros new file mode 100644 index 0000000..c2dee28 --- /dev/null +++ b/vendor/qcom/common/ioctl_macros @@ -0,0 +1,56 @@ +define(`gpu_ioctls', `{ +IOCTL_KGSL_DEVICE_GETPROPERTY +IOCTL_KGSL_DEVICE_WAITTIMESTAMP_CTXTID +IOCTL_KGSL_DRAWCTXT_CREATE +IOCTL_KGSL_DRAWCTXT_DESTROY +IOCTL_KGSL_MAP_USER_MEM +IOCTL_KGSL_SHAREDMEM_FREE +IOCTL_KGSL_SETPROPERTY +IOCTL_KGSL_TIMESTAMP_EVENT +IOCTL_KGSL_PERFCOUNTER_GET +IOCTL_KGSL_PERFCOUNTER_PUT +IOCTL_KGSL_SYNCSOURCE_CREATE +IOCTL_KGSL_SYNCSOURCE_DESTROY +IOCTL_KGSL_SYNCSOURCE_CREATE_FENCE +IOCTL_KGSL_SYNCSOURCE_SIGNAL_FENCE +IOCTL_KGSL_GPUOBJ_ALLOC +IOCTL_KGSL_GPUOBJ_FREE +IOCTL_KGSL_GPUOBJ_INFO +IOCTL_KGSL_GPUOBJ_IMPORT +IOCTL_KGSL_GPUOBJ_SYNC +IOCTL_KGSL_GPU_COMMAND +}') + +define(`msm_sock_ipc_ioctls', `{ +IPC_ROUTER_IOCTL_GET_VERSION +IPC_ROUTER_IOCTL_GET_MTU +IPC_ROUTER_IOCTL_LOOKUP_SERVER +IPC_ROUTER_IOCTL_GET_CURR_PKT_SIZE +IPC_ROUTER_IOCTL_BIND_CONTROL_PORT +IPC_ROUTER_IOCTL_CONFIG_SEC_RULES +}') + +define(`msm_sock_qrtr_ioctls', `{ +TIOCOUTQ +}') + +define(`rmnet_sock_ioctls', `{ +SIOCDEVPRIVATE_1 +SIOCDEVPRIVATE_2 +SIOCDEVPRIVATE_3 +SIOCDEVPRIVATE_4 +SIOCDEVPRIVATE_5 +SIOCDEVPRIVATE_6 +SIOCDEVPRIVATE_7 +SIOCDEVPRIVATE_8 +SIOCDEVPRIVATE_9 +SIOCDEVPRIVATE_A +SIOCDEVPRIVATE_B +SIOCDEVPRIVATE_C +SIOCDEVPRIVATE_D +}') + +define(`wlan_sock_ioctls', `{ +SIOCSIWPRIV +SIOCIWFIRSTPRIV_15 +}') diff --git a/vendor/qcom/common/ipacm.te b/vendor/qcom/common/ipacm.te new file mode 100644 index 0000000..d1957a6 --- /dev/null +++ b/vendor/qcom/common/ipacm.te @@ -0,0 +1,9 @@ +# General definitions +type ipacm, domain; +type ipacm-diag, domain; +type ipacm_exec, exec_type, vendor_file_type, file_type; +type ipacm-diag_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(ipacm) +init_daemon_domain(ipacm-diag) + + diff --git a/vendor/qcom/common/irsc_util.te b/vendor/qcom/common/irsc_util.te new file mode 100644 index 0000000..2a35d74 --- /dev/null +++ b/vendor/qcom/common/irsc_util.te @@ -0,0 +1,5 @@ +type irsc_util, domain; +type irsc_util_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(irsc_util) + + diff --git a/vendor/qcom/common/location.te b/vendor/qcom/common/location.te new file mode 100644 index 0000000..4fed7cf --- /dev/null +++ b/vendor/qcom/common/location.te @@ -0,0 +1,7 @@ +# location - Location daemon +type location, domain; +type location_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(location) + + diff --git a/vendor/qcom/common/location_app.te b/vendor/qcom/common/location_app.te new file mode 100644 index 0000000..d9b07e8 --- /dev/null +++ b/vendor/qcom/common/location_app.te @@ -0,0 +1,3 @@ +type location_app, domain; + + diff --git a/vendor/qcom/common/logdumpd.te b/vendor/qcom/common/logdumpd.te new file mode 100644 index 0000000..7e7bb70 --- /dev/null +++ b/vendor/qcom/common/logdumpd.te @@ -0,0 +1,5 @@ +type logdumpd, domain; +type logdumpd_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(logdumpd) + diff --git a/vendor/qcom/common/mcStarter.te b/vendor/qcom/common/mcStarter.te new file mode 100644 index 0000000..a95a318 --- /dev/null +++ b/vendor/qcom/common/mcStarter.te @@ -0,0 +1,5 @@ +# mobicore daemon +type mcStarter, domain; +type mcStarter_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(mcStarter) + diff --git a/vendor/qcom/common/mdm_helper.te b/vendor/qcom/common/mdm_helper.te new file mode 100644 index 0000000..ae76d1d --- /dev/null +++ b/vendor/qcom/common/mdm_helper.te @@ -0,0 +1,7 @@ +#Policy for mdm_helper +#mdm_helper - mdm_helper domain +type mdm_helper, domain; +type mdm_helper_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(mdm_helper); + + diff --git a/vendor/qcom/common/mdtp.te b/vendor/qcom/common/mdtp.te new file mode 100644 index 0000000..c772747 --- /dev/null +++ b/vendor/qcom/common/mdtp.te @@ -0,0 +1,4 @@ +type mdtpdaemon, domain; +type mdtpdaemon_exec, exec_type, vendor_file_type, file_type; + + diff --git a/vendor/qcom/common/mdtpservice_app.te b/vendor/qcom/common/mdtpservice_app.te new file mode 100644 index 0000000..afb82db --- /dev/null +++ b/vendor/qcom/common/mdtpservice_app.te @@ -0,0 +1,2 @@ +type mdtpservice_app, domain; + diff --git a/vendor/qcom/common/mlid.te b/vendor/qcom/common/mlid.te new file mode 100644 index 0000000..563170e --- /dev/null +++ b/vendor/qcom/common/mlid.te @@ -0,0 +1,7 @@ +# mlid - Mink-Lowi Interface daemon +type mlid, domain, mlstrustedsubject; +type mlid_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(mlid) + + diff --git a/vendor/qcom/common/mm-pp-daemon.te b/vendor/qcom/common/mm-pp-daemon.te new file mode 100644 index 0000000..351977e --- /dev/null +++ b/vendor/qcom/common/mm-pp-daemon.te @@ -0,0 +1,6 @@ +type mm-pp-daemon, domain; +type mm-pp-daemon_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(mm-pp-daemon) + + diff --git a/vendor/qcom/common/mm-qcamerad.te b/vendor/qcom/common/mm-qcamerad.te new file mode 100644 index 0000000..5ec10a2 --- /dev/null +++ b/vendor/qcom/common/mm-qcamerad.te @@ -0,0 +1,4 @@ +type mm-qcamerad, domain; +type mm-qcamerad_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(mm-qcamerad) + diff --git a/vendor/qcom/common/mmi.te b/vendor/qcom/common/mmi.te new file mode 100755 index 0000000..d732954 --- /dev/null +++ b/vendor/qcom/common/mmi.te @@ -0,0 +1,5 @@ +type vendor_mmi, domain; +type vendor_mmi_exec, exec_type, vendor_file_type, file_type; +#started by init +init_daemon_domain(vendor_mmi) + diff --git a/vendor/qcom/common/msm_irqbalanced.te b/vendor/qcom/common/msm_irqbalanced.te new file mode 100644 index 0000000..c5d157c --- /dev/null +++ b/vendor/qcom/common/msm_irqbalanced.te @@ -0,0 +1,5 @@ +type msm_irqbalanced, domain; +type msm_irqbalanced_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(msm_irqbalanced) + diff --git a/vendor/qcom/common/netmgrd.te b/vendor/qcom/common/netmgrd.te new file mode 100644 index 0000000..38cc650 --- /dev/null +++ b/vendor/qcom/common/netmgrd.te @@ -0,0 +1,5 @@ +type netmgrd, domain; +type netmgrd_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(netmgrd) + + diff --git a/vendor/qcom/common/nqnfcinfo.te b/vendor/qcom/common/nqnfcinfo.te new file mode 100644 index 0000000..79501cb --- /dev/null +++ b/vendor/qcom/common/nqnfcinfo.te @@ -0,0 +1,7 @@ +type nqnfcinfo, domain; +type nqnfcinfo_exec, exec_type, vendor_file_type, file_type; + +# Started by init +init_daemon_domain(nqnfcinfo) + + diff --git a/vendor/qcom/common/pd_services.te b/vendor/qcom/common/pd_services.te new file mode 100644 index 0000000..47c28ff --- /dev/null +++ b/vendor/qcom/common/pd_services.te @@ -0,0 +1,6 @@ +type vendor_pd_mapper, domain; + +type vendor_pd_mapper_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(vendor_pd_mapper); + + diff --git a/vendor/qcom/common/perfdump_app.te b/vendor/qcom/common/perfdump_app.te new file mode 100644 index 0000000..53220db --- /dev/null +++ b/vendor/qcom/common/perfdump_app.te @@ -0,0 +1,2 @@ +type perfdump_app, domain; + diff --git a/vendor/qcom/common/peripheral_manager.te b/vendor/qcom/common/peripheral_manager.te new file mode 100644 index 0000000..915331f --- /dev/null +++ b/vendor/qcom/common/peripheral_manager.te @@ -0,0 +1,8 @@ +# Policy for peripheral_manager +# per_mgr - peripheral_manager domain +type vendor_per_mgr, domain; + +type vendor_per_mgr_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(vendor_per_mgr); + + diff --git a/vendor/qcom/common/port-bridge.te b/vendor/qcom/common/port-bridge.te new file mode 100644 index 0000000..3d3ba04 --- /dev/null +++ b/vendor/qcom/common/port-bridge.te @@ -0,0 +1,5 @@ +type port-bridge, domain; +type port-bridge_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(port-bridge) + + diff --git a/vendor/qcom/common/power_off_alarm.te b/vendor/qcom/common/power_off_alarm.te new file mode 100644 index 0000000..3c9253c --- /dev/null +++ b/vendor/qcom/common/power_off_alarm.te @@ -0,0 +1,6 @@ +type power_off_alarm, domain; +type power_off_alarm_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(power_off_alarm) + + diff --git a/vendor/qcom/common/poweroffalarm_app.te b/vendor/qcom/common/poweroffalarm_app.te new file mode 100644 index 0000000..4a53a31 --- /dev/null +++ b/vendor/qcom/common/poweroffalarm_app.te @@ -0,0 +1,3 @@ +type poweroffalarm_app, domain; + + diff --git a/vendor/qcom/common/poweroffhandler.te b/vendor/qcom/common/poweroffhandler.te new file mode 100644 index 0000000..38a3d6d --- /dev/null +++ b/vendor/qcom/common/poweroffhandler.te @@ -0,0 +1,6 @@ +# poweroffhandler oneshot service +type poweroffhandler, domain; +type poweroffhandler_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(poweroffhandler) + diff --git a/vendor/qcom/common/property.te b/vendor/qcom/common/property.te new file mode 100644 index 0000000..cd086dd --- /dev/null +++ b/vendor/qcom/common/property.te @@ -0,0 +1,147 @@ +# property for uicc_daemon +type uicc_prop, property_type; +type qcom_ims_prop, property_type; +type ctl_vendor_qmuxd_prop, property_type; +type ctl_vendor_netmgrd_prop, property_type; +type ctl_vendor_port-bridge_prop, property_type; +type ctl_qcrild_prop, property_type; +type vendor_tee_listener_prop, property_type; +type ctl_vendor_rild_prop, property_type; + +# property for LKCore ctl start +type ctl_LKCore_prop, property_type; + +# properties for usf daemons +type usf_prop, property_type; + +type freq_prop, property_type; +type vm_bms_prop, property_type; #To start vm_bms +type vendor_dataqti_prop, property_type; +type vendor_dataadpl_prop, property_type; +type vendor_ipacm_prop, property_type; +type vendor_ipacm-diag_prop, property_type; +type cnd_vendor_prop, property_type; +type sensors_prop, property_type; +type slpi_prop, property_type; +type msm_irqbalance_prop, property_type; +type msm_irqbl_sdm630_prop, property_type; +type camera_prop, property_type; +type spcomlib_prop, property_type; +type vendor_display_prop, property_type; +type scr_enabled_prop, property_type; +type bg_daemon_prop, property_type; +type bg_boot_complete_prop, property_type; +type opengles_prop, property_type; +type mdm_helper_prop, property_type; +type vendor_mpctl_prop, property_type; +type vendor_iop_prop, property_type; +#Scroll Pre-obtain +type vendor_preobtain_prop, property_type; + +# properties for ActivityManager tuning +type vendor_am_prop, property_type; + +#Needed for ubwc support +type vendor_gralloc_prop, property_type; + +type fm_prop, property_type; +type chgdiabled_prop, property_type; + + +type vendor_xlat_prop, property_type; + +# property for location +type location_prop, property_type; + +#properites for init.qcom.sh script +type qemu_hw_mainkeys_prop, property_type; +type vendor_usb_prop, property_type; + +type vendor_coresight_prop, property_type; + + +type ctl_hbtp_prop, property_type; +type vendor_alarm_boot_prop, property_type; + +# DOLBY_START +type dolby_prop, property_type; +# DOLBY_END + +type vendor_wifi_ftmd_prop, property_type; + +# WIGIG +type wigig_prop, property_type; +type fst_prop, property_type; +type ctl_vendor_wigigsvc_prop, property_type; + +#HWUI property +type hwui_prop, property_type; + +type graphics_vulkan_prop, property_type; + +#Bservice property +type bservice_prop, property_type; + +#Delayed Service Reschedule property +type reschedule_service_prop, property_type; + +#boot mode property +type vendor_boot_mode_prop, property_type; +#properties for nfc +type nfc_nq_prop, property_type; + +type vendor_rild_libpath_prop, property_type; + +#Peripheral manager +type vendor_per_mgr_state_prop, property_type; + +type vendor_system_prop, property_type; + +# Bluetooth props +type vendor_bluetooth_prop, property_type; + +# HBTP +type ctl_vendor_hbtp_prop, property_type; + +# factory properties +type ctl_vendor_mmid_prop, property_type; + +#qdma property +type vendor_qdma_prop, property_type; + +#WiFi Display +type wfd_service_prop, property_type; +type wfd_debug_prop, property_type; + +#imsrcsservice +type ctl_vendor_imsrcsservice_prop, property_type; + +#mmi +type vendor_mmi_prop, property_type; + +#time service +type vendor_time_service_prop, property_type; +type vendor_radio_prop, property_type; + +# Audio props +type vendor_audio_prop, property_type; + +#ss-restart +type vendor_ssr_prop, property_type; + +#ss-services (PD) +type vendor_pd_locater_dbg_prop, property_type; + +#qdcmss property +type vendor_qdcmss_prop, property_type; + +# Wifi Softap +type vendor_softap_prop, property_type; +#mm-parser +type mm_parser_prop, property_type; + +#mm-video +type mm_video_prop, property_type; + +#rmt_storage +type ctl_vendor_rmt_storage_prop, property_type; diff --git a/vendor/qcom/common/qcomsysd.te b/vendor/qcom/common/qcomsysd.te new file mode 100755 index 0000000..8860b3a --- /dev/null +++ b/vendor/qcom/common/qcomsysd.te @@ -0,0 +1,6 @@ +#Policy file for qcom-system-daemon +#qcomsysd = qcom-system-daemon domain +type vendor_qcomsysd, domain; +type vendor_qcomsysd_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(vendor_qcomsysd); + diff --git a/vendor/qcom/common/qdcm-ss.te b/vendor/qcom/common/qdcm-ss.te new file mode 100644 index 0000000..6658a6a --- /dev/null +++ b/vendor/qcom/common/qdcm-ss.te @@ -0,0 +1,5 @@ +type qdcm-ss, domain; +type qdcm-ss_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(qdcm-ss) + diff --git a/vendor/qcom/common/qdma_app.te b/vendor/qcom/common/qdma_app.te new file mode 100644 index 0000000..2cc4088 --- /dev/null +++ b/vendor/qcom/common/qdma_app.te @@ -0,0 +1,2 @@ +type qdma_app, domain; + diff --git a/vendor/qcom/common/qdmastatsd.te b/vendor/qcom/common/qdmastatsd.te new file mode 100644 index 0000000..4e154bb --- /dev/null +++ b/vendor/qcom/common/qdmastatsd.te @@ -0,0 +1,6 @@ +type qdmastatsd, domain, mlstrustedsubject; +type qdmastatsd_exec, file_type, vendor_file_type, exec_type; + +init_daemon_domain(qdmastatsd) + + diff --git a/vendor/qcom/common/qfp-daemon.te b/vendor/qcom/common/qfp-daemon.te new file mode 100644 index 0000000..93bd9b9 --- /dev/null +++ b/vendor/qcom/common/qfp-daemon.te @@ -0,0 +1,7 @@ +#qfp daemon for ultrasonic fingerprint sensor +type qfp-daemon, domain; +type qfp-daemon_exec, exec_type, vendor_file_type, file_type; + +hal_server_domain(qfp-daemon, hal_fingerprint) +init_daemon_domain(qfp-daemon) + diff --git a/vendor/qcom/common/qlogd.te b/vendor/qcom/common/qlogd.te new file mode 100644 index 0000000..c1901bd --- /dev/null +++ b/vendor/qcom/common/qlogd.te @@ -0,0 +1,7 @@ +# qlogd +type qlogd, domain; +type qlogd_exec, exec_type, vendor_file_type, file_type; + +# make transition from init to its domain +init_daemon_domain(qlogd) + diff --git a/vendor/qcom/common/qmuxd.te b/vendor/qcom/common/qmuxd.te new file mode 100644 index 0000000..d45cccf --- /dev/null +++ b/vendor/qcom/common/qmuxd.te @@ -0,0 +1,5 @@ +type qmuxd, domain; +type qmuxd_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(qmuxd) + + diff --git a/vendor/qcom/common/qrtr.te b/vendor/qcom/common/qrtr.te new file mode 100644 index 0000000..cac0628 --- /dev/null +++ b/vendor/qcom/common/qrtr.te @@ -0,0 +1,5 @@ +type qrtr, domain; +type qrtr_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(qrtr) + + diff --git a/vendor/qcom/common/qsee_svc_app.te b/vendor/qcom/common/qsee_svc_app.te new file mode 100644 index 0000000..9b15b87 --- /dev/null +++ b/vendor/qcom/common/qsee_svc_app.te @@ -0,0 +1,4 @@ +type qsee_svc_app, domain; +app_domain(qsee_svc_app) + + diff --git a/vendor/qcom/common/qseeproxy.te b/vendor/qcom/common/qseeproxy.te new file mode 100644 index 0000000..c4124b6 --- /dev/null +++ b/vendor/qcom/common/qseeproxy.te @@ -0,0 +1,7 @@ +type qseeproxy, domain; +type qseeproxy_exec, exec_type, vendor_file_type, file_type; + +#Allow for transition from init domain to qseeproxy +init_daemon_domain(qseeproxy) + + diff --git a/vendor/qcom/common/qti-logkit.te b/vendor/qcom/common/qti-logkit.te new file mode 100644 index 0000000..7bb5243 --- /dev/null +++ b/vendor/qcom/common/qti-logkit.te @@ -0,0 +1,6 @@ +# qti_logkit +type qti_logkit, domain, mlstrustedsubject; +init_daemon_domain(qti_logkit) +type qti_logkit_exec, exec_type, vendor_file_type, file_type; + + diff --git a/vendor/qcom/common/qti.te b/vendor/qcom/common/qti.te new file mode 100644 index 0000000..ea6a22a --- /dev/null +++ b/vendor/qcom/common/qti.te @@ -0,0 +1,4 @@ +type qti, domain; +type qti_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(qti) + diff --git a/vendor/qcom/common/qti_logkit_app.te b/vendor/qcom/common/qti_logkit_app.te new file mode 100644 index 0000000..2e9ebf1 --- /dev/null +++ b/vendor/qcom/common/qti_logkit_app.te @@ -0,0 +1,3 @@ +# new qti_logkit_app domain +type qti_logkit_app, domain; + diff --git a/vendor/qcom/common/qvop.te b/vendor/qcom/common/qvop.te new file mode 100644 index 0000000..96d269f --- /dev/null +++ b/vendor/qcom/common/qvop.te @@ -0,0 +1,6 @@ +#qvop-daemon for ultrasonic fingerprint sensor +type qvop-daemon, domain; +type qvop-daemon_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(qvop-daemon) + diff --git a/vendor/qcom/common/rfs_access.te b/vendor/qcom/common/rfs_access.te new file mode 100644 index 0000000..7ff2f58 --- /dev/null +++ b/vendor/qcom/common/rfs_access.te @@ -0,0 +1,5 @@ +# rfs_access - rfs_access daemon +type rfs_access, domain; +type rfs_access_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(rfs_access) + diff --git a/vendor/qcom/common/ridl.te b/vendor/qcom/common/ridl.te new file mode 100644 index 0000000..d365976 --- /dev/null +++ b/vendor/qcom/common/ridl.te @@ -0,0 +1,8 @@ +# RIDL +type RIDL, domain; +type RIDL_exec, exec_type, vendor_file_type, file_type; + +# make transition from init to its domain +init_daemon_domain(RIDL) + + diff --git a/vendor/qcom/common/rmt_storage.te b/vendor/qcom/common/rmt_storage.te new file mode 100644 index 0000000..3b91aa5 --- /dev/null +++ b/vendor/qcom/common/rmt_storage.te @@ -0,0 +1,6 @@ +# rmt_storage - rmt_storage daemon +type rmt_storage, domain; +type rmt_storage_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(rmt_storage) + + diff --git a/vendor/qcom/common/sec_nvm.te b/vendor/qcom/common/sec_nvm.te new file mode 100644 index 0000000..a55cd6e --- /dev/null +++ b/vendor/qcom/common/sec_nvm.te @@ -0,0 +1,8 @@ +# sec_nvm service +type sec_nvm, domain; + +type sec_nvm_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(sec_nvm) + + diff --git a/vendor/qcom/common/secotad.te b/vendor/qcom/common/secotad.te new file mode 100644 index 0000000..7df1f64 --- /dev/null +++ b/vendor/qcom/common/secotad.te @@ -0,0 +1,6 @@ +type secotad, domain; +type secotad_exec, exec_type, vendor_file_type, file_type; + +#Allow for transition from init domain to secota daemon +init_daemon_domain(secotad) + diff --git a/vendor/qcom/common/seemp_health_daemon.te b/vendor/qcom/common/seemp_health_daemon.te new file mode 100644 index 0000000..ed086ea --- /dev/null +++ b/vendor/qcom/common/seemp_health_daemon.te @@ -0,0 +1,7 @@ +type seemp_health_daemon, domain; +type seemp_health_daemon_exec, exec_type, vendor_file_type, file_type; + +#Allow for transition from init domain to seemp_health_daemon +init_daemon_domain(seemp_health_daemon) + + diff --git a/vendor/qcom/common/sensors.te b/vendor/qcom/common/sensors.te new file mode 100644 index 0000000..cdc8622 --- /dev/null +++ b/vendor/qcom/common/sensors.te @@ -0,0 +1,8 @@ +# Policy for sensor daemon +type sensors, domain; +type sensors_exec, exec_type, vendor_file_type, file_type; + +# Started by init +init_daemon_domain(sensors) + + diff --git a/vendor/qcom/common/service.te b/vendor/qcom/common/service.te new file mode 100644 index 0000000..14e9153 --- /dev/null +++ b/vendor/qcom/common/service.te @@ -0,0 +1,15 @@ +type iqfp_service, service_manager_type; +type qfp_proxy_service, service_manager_type; +type atfwd_service, service_manager_type; +type fidodaemon_service, service_manager_type; +type seemp_health_daemon_service, service_manager_type; +type secotad_service, service_manager_type; +type wbc_service, service_manager_type; +type dun_service, service_manager_type; +type imsrcs_service, service_manager_type; +type improve_touch_service, service_manager_type; +type usf_service, service_manager_type; +type dtseagleservice_service, service_manager_type; +type gba_auth_service, service_manager_type; +type mdtpdaemon_service, service_manager_type; +type qtitetherservice_service, service_manager_type; diff --git a/vendor/qcom/common/spdaemon.te b/vendor/qcom/common/spdaemon.te new file mode 100644 index 0000000..4ac1176 --- /dev/null +++ b/vendor/qcom/common/spdaemon.te @@ -0,0 +1,8 @@ +# spdaemon service +type spdaemon, domain; + +type spdaemon_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(spdaemon) + + diff --git a/vendor/qcom/common/ssgqmigd.te b/vendor/qcom/common/ssgqmigd.te new file mode 100644 index 0000000..81163eb --- /dev/null +++ b/vendor/qcom/common/ssgqmigd.te @@ -0,0 +1,7 @@ +# ssgqmigd - SSG QMI Gateway Daemon +type ssgqmigd, domain, mlstrustedsubject; +type ssgqmigd_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(ssgqmigd) + + diff --git a/vendor/qcom/common/ssr_diag.te b/vendor/qcom/common/ssr_diag.te new file mode 100644 index 0000000..3260ff1 --- /dev/null +++ b/vendor/qcom/common/ssr_diag.te @@ -0,0 +1,4 @@ +type vendor_ssr_diag, domain; +type vendor_ssr_diag_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(vendor_ssr_diag); + diff --git a/vendor/qcom/common/ssr_setup.te b/vendor/qcom/common/ssr_setup.te new file mode 100644 index 0000000..c323ba1 --- /dev/null +++ b/vendor/qcom/common/ssr_setup.te @@ -0,0 +1,7 @@ +# Policy for ssr_setup +# ssr_setup - ssr_setup domain +type vendor_ssr_setup, domain; +type vendor_ssr_setup_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(vendor_ssr_setup); + + diff --git a/vendor/qcom/common/subsystem_ramdump.te b/vendor/qcom/common/subsystem_ramdump.te new file mode 100644 index 0000000..74a3327 --- /dev/null +++ b/vendor/qcom/common/subsystem_ramdump.te @@ -0,0 +1,5 @@ +type vendor_subsystem_ramdump, domain; +type vendor_subsystem_ramdump_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(vendor_subsystem_ramdump); + + diff --git a/vendor/qcom/common/tbaseLoader.te b/vendor/qcom/common/tbaseLoader.te new file mode 100644 index 0000000..d393233 --- /dev/null +++ b/vendor/qcom/common/tbaseLoader.te @@ -0,0 +1,6 @@ +# tbase loader +type tbaseLoader, domain; +type tbaseLoader_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(tbaseLoader) + + diff --git a/vendor/qcom/common/thermal-engine.te b/vendor/qcom/common/thermal-engine.te new file mode 100644 index 0000000..8472b9b --- /dev/null +++ b/vendor/qcom/common/thermal-engine.te @@ -0,0 +1,8 @@ +# Thermal-engine daemon +type thermal-engine, domain; +type thermal-engine_exec, exec_type, vendor_file_type, file_type; + +# Started by init +init_daemon_domain(thermal-engine) + + diff --git a/vendor/qcom/common/time_daemon.te b/vendor/qcom/common/time_daemon.te new file mode 100644 index 0000000..37a3227 --- /dev/null +++ b/vendor/qcom/common/time_daemon.te @@ -0,0 +1,8 @@ +# Policies for time daemon +type time_daemon, domain, mlstrustedsubject; +type time_daemon_exec, exec_type, vendor_file_type, file_type; +type time_data_file, file_type, data_file_type; + +# Make transition to its own time_daemon domain from init +init_daemon_domain(time_daemon) + diff --git a/vendor/qcom/common/timeservice_app.te b/vendor/qcom/common/timeservice_app.te new file mode 100644 index 0000000..c83f813 --- /dev/null +++ b/vendor/qcom/common/timeservice_app.te @@ -0,0 +1,4 @@ +type timeservice_app, domain; +app_domain(timeservice_app); + + diff --git a/vendor/qcom/common/tlocd.te b/vendor/qcom/common/tlocd.te new file mode 100644 index 0000000..eb62f3a --- /dev/null +++ b/vendor/qcom/common/tlocd.te @@ -0,0 +1,6 @@ +type tlocd, domain; +type tlocd_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(tlocd) + + diff --git a/vendor/qcom/common/touchfusion.te b/vendor/qcom/common/touchfusion.te new file mode 100644 index 0000000..694fc5f --- /dev/null +++ b/vendor/qcom/common/touchfusion.te @@ -0,0 +1,8 @@ +# Policies for touchfusion +type touchfusion, domain; + +type touchfusion_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(touchfusion) + + diff --git a/vendor/qcom/common/usb_uicc_daemon.te b/vendor/qcom/common/usb_uicc_daemon.te new file mode 100644 index 0000000..c51f063 --- /dev/null +++ b/vendor/qcom/common/usb_uicc_daemon.te @@ -0,0 +1,8 @@ +# usb_uicc_daemon +type usb_uicc_daemon, domain; +type usb_uicc_daemon_exec, exec_type, vendor_file_type, file_type; + +# Make transition from init to its domain +init_daemon_domain(usb_uicc_daemon) + + diff --git a/vendor/qcom/common/usf.te b/vendor/qcom/common/usf.te new file mode 100644 index 0000000..b8f5870 --- /dev/null +++ b/vendor/qcom/common/usf.te @@ -0,0 +1,7 @@ +# Policy for usf daemons +type usf, domain; +type usf_exec, exec_type, vendor_file_type, file_type; + +# Started by init +init_daemon_domain(usf) + diff --git a/vendor/qcom/common/vendor_init.te b/vendor/qcom/common/vendor_init.te new file mode 100644 index 0000000..c6da3ad --- /dev/null +++ b/vendor/qcom/common/vendor_init.te @@ -0,0 +1,2 @@ +type vendor_init_exec, exec_type, vendor_file_type, file_type; + diff --git a/vendor/qcom/common/vm_bms.te b/vendor/qcom/common/vm_bms.te new file mode 100644 index 0000000..8be2eb2 --- /dev/null +++ b/vendor/qcom/common/vm_bms.te @@ -0,0 +1,8 @@ +#integrated process +type vm_bms, domain; +type vm_bms_exec, exec_type, vendor_file_type, file_type; + +#started by init +init_daemon_domain(vm_bms) + + diff --git a/vendor/qcom/common/vndservice.te b/vendor/qcom/common/vndservice.te new file mode 100644 index 0000000..a1981a9 --- /dev/null +++ b/vendor/qcom/common/vndservice.te @@ -0,0 +1,5 @@ +type vendor_per_mgr_service, vndservice_manager_type; +type qdisplay_service, vndservice_manager_type; +type qseeproxy_service, vndservice_manager_type; +type esepmdaemon_service, vndservice_manager_type; +type wfdnativemm_service, vndservice_manager_type; diff --git a/vendor/qcom/common/vppservice.te b/vendor/qcom/common/vppservice.te new file mode 100755 index 0000000..b8ba1fc --- /dev/null +++ b/vendor/qcom/common/vppservice.te @@ -0,0 +1,7 @@ +# Define domain +type vendor_vppservice, domain; +type vendor_vppservice_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(vendor_vppservice) + + diff --git a/vendor/qcom/common/wcnss_filter.te b/vendor/qcom/common/wcnss_filter.te new file mode 100644 index 0000000..dcaa9f5 --- /dev/null +++ b/vendor/qcom/common/wcnss_filter.te @@ -0,0 +1,5 @@ +type wcnss_filter, domain; +type wcnss_filter_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(wcnss_filter) + diff --git a/vendor/qcom/common/wcnss_service.te b/vendor/qcom/common/wcnss_service.te new file mode 100644 index 0000000..540a1e5 --- /dev/null +++ b/vendor/qcom/common/wcnss_service.te @@ -0,0 +1,5 @@ +type wcnss_service, domain; +type wcnss_service_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(wcnss_service) + diff --git a/vendor/qcom/common/wifi_ftmd.te b/vendor/qcom/common/wifi_ftmd.te new file mode 100644 index 0000000..1a3a082 --- /dev/null +++ b/vendor/qcom/common/wifi_ftmd.te @@ -0,0 +1,5 @@ +type wifi_ftmd, domain; +type wifi_ftmd_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(wifi_ftmd) + diff --git a/vendor/qcom/common/wifidisplayhalservice.te b/vendor/qcom/common/wifidisplayhalservice.te new file mode 100644 index 0000000..5d464a3 --- /dev/null +++ b/vendor/qcom/common/wifidisplayhalservice.te @@ -0,0 +1,4 @@ +#Define Domain +type wifidisplayhalservice_qti, domain; +type wifidisplayhalservice_qti_exec, exec_type, vendor_file_type, file_type; + diff --git a/vendor/qcom/common/wigighalsvc.te b/vendor/qcom/common/wigighalsvc.te new file mode 100644 index 0000000..2921f5a --- /dev/null +++ b/vendor/qcom/common/wigighalsvc.te @@ -0,0 +1,5 @@ +type wigighalsvc, domain; +type wigighalsvc_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(wigighalsvc) + diff --git a/vendor/qcom/common/wigignpt.te b/vendor/qcom/common/wigignpt.te new file mode 100644 index 0000000..f5ee163 --- /dev/null +++ b/vendor/qcom/common/wigignpt.te @@ -0,0 +1,5 @@ +type wigignpt, domain; +type wigignpt_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(wigignpt) + diff --git a/vendor/qcom/sm8150/file.te b/vendor/qcom/sm8150/file.te new file mode 100644 index 0000000..8a4e1ac --- /dev/null +++ b/vendor/qcom/sm8150/file.te @@ -0,0 +1 @@ +type netmgr_recovery_data_file, file_type, data_file_type; diff --git a/vendor/qcom/sm8150/file_contexts b/vendor/qcom/sm8150/file_contexts new file mode 100644 index 0000000..0e5466a --- /dev/null +++ b/vendor/qcom/sm8150/file_contexts @@ -0,0 +1,15 @@ +################################## +# non-hlos mount points +/firmware u:object_r:firmware_file:s0 +/bt_firmware u:object_r:bt_firmware_file:s0 + +# Same process file +/vendor/lib(64)?/hw/gralloc\.msmnile\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/hw/vulkan\.msmnile\.so u:object_r:same_process_hal_file:s0 + +/(vendor|system/vendor)/bin/sscrpcd u:object_r:sensors_exec:s0 + + +# /dev/block/bootdevice setup script - temporary +/(vendor|system/vendor)/bin/init\.qti\.getbootdevice\.sh u:object_r:vendor_init_exec:s0 + |