diff options
Diffstat (limited to 'sepolicy')
-rw-r--r-- | sepolicy/fingerprintd.te | 3 | ||||
-rw-r--r-- | sepolicy/hal_gnss.te | 10 |
2 files changed, 12 insertions, 1 deletions
diff --git a/sepolicy/fingerprintd.te b/sepolicy/fingerprintd.te index 4962742..f5160aa 100644 --- a/sepolicy/fingerprintd.te +++ b/sepolicy/fingerprintd.te @@ -8,4 +8,5 @@ allow fingerprintd sysfs_fingerprintd:file rw_file_perms; allow fingerprintd sysfs_fingerprintd:dir search; allow fingerprintd sysfs_fingerprintd:dir r_dir_perms; # open/write/ioctl /dev/uinput -allow fingerprintd uhid_device:chr_file { open write ioctl }; +allow fingerprintd uhid_device:chr_file rw_file_perms; +allow fingerprintd fingerprintd_data_file:sock_file create_file_perms; diff --git a/sepolicy/hal_gnss.te b/sepolicy/hal_gnss.te new file mode 100644 index 0000000..afb8f19 --- /dev/null +++ b/sepolicy/hal_gnss.te @@ -0,0 +1,10 @@ +#access to /sys/devices/soc0/hw_platform and /sys/devices/soc0/soc_id +allow hal_gnss sysfs:file { read open getattr }; + +allow hal_gnss self:socket { create read write ioctl } ; +allowxperm hal_gnss self:socket ioctl { IPC_ROUTER_IOCTL_BIND_CONTROL_PORT + IPC_ROUTER_IOCTL_LOOKUP_SERVER } ; +allow hal_gnss self:netlink_socket { create bind read }; + +allow hal_gnss sysfs_msm_subsys:dir { search read open }; +allow hal_gnss sysfs_msm_subsys:lnk_file read; |