blob: c8002d055ce9ebd5d2e655cba37836b89dcae607 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
# /dev/tty* I/O. Needed for /dev/ttyS0
allow init serial_device:chr_file rw_file_perms;
# Write to /configfs files. Needed only for /config/usb_gadget subtree.
allow init configfs:file w_file_perms;
allow init configfs:lnk_file create;
# Add loadable modules. Needed for usbfunc:diag, usbfunc:diag, usbfunc:gsi, usbfunc:qdss modules.
allow init kernel:system module_request;
# binfmt_misc arm for ndk translator
allow init binfmt_miscfs:file w_file_perms;
allow init proc:dir mounton;
# init relabel vbmeta* and boot* symlinks under /dev/block/by-name/.
allow init ab_block_device:lnk_file relabelto;
allow init boot_block_device:lnk_file relabelto;
# init needs to tune block device
allow init sysfs_devices_block:file w_file_perms;
# /mnt/sdcard -> /storage/self/primary symlink is deprecated. Ignore attempts to
# create it. This denial is fixed in core policy in Android R aosp/943799.
dontaudit init tmpfs:lnk_file create;
# permit mount of virtiofs on /mnt/vendor/shared
allow init mnt_vendor_file:dir mounton;
allow init keymaster_device:chr_file rw_file_perms;
allow init gatekeeper_device:chr_file rw_file_perms;
allow init confirmationui_device:chr_file rw_file_perms;
allow init bt_device:chr_file rw_file_perms;
allow init uwb_device:chr_file rw_file_perms;
allow init oemlock_device:chr_file rw_file_perms;
allow init keymint_device:chr_file rw_file_perms;
allow init frp_block_device:blk_file setattr;
|
