diff options
Diffstat (limited to 'r_non_plat/mdlogger.te')
| -rw-r--r-- | r_non_plat/mdlogger.te | 62 |
1 files changed, 0 insertions, 62 deletions
diff --git a/r_non_plat/mdlogger.te b/r_non_plat/mdlogger.te deleted file mode 100644 index 5c34491..0000000 --- a/r_non_plat/mdlogger.te +++ /dev/null @@ -1,62 +0,0 @@ -#allow mdlogger to set property -allow mdlogger debug_mdlogger_prop:property_service set; -allow mdlogger debug_prop:property_service set; - -# ccci device for internal modem -allow mdlogger ccci_device:chr_file { rw_file_perms }; - -# usb device ttyGSx for modem logger usb logging -allow mdlogger ttyGS_device:chr_file { rw_file_perms}; - -# modem logger access on /data/mdlog -allow mdlogger mdlog_data_file:dir { create_dir_perms relabelto}; -allow mdlogger mdlog_data_file:fifo_file { create_file_perms}; -allow mdlogger mdlog_data_file:file { create_file_perms }; - -# modem logger control port access /dev/ttyC1 -allow mdlogger mdlog_device:chr_file { rw_file_perms}; - - -#modem logger SD logging in factory mode -allow mdlogger vfat:dir create_dir_perms; -allow mdlogger vfat:file create_file_perms; - -#mdlogger for read /sdcard -allow mdlogger tmpfs:lnk_file read; -allow mdlogger storage_file:lnk_file rw_file_perms; -allow mdlogger mnt_user_file:dir search; -allow mdlogger mnt_user_file:lnk_file rw_file_perms; -allow mdlogger sdcard_type:file create_file_perms; -allow mdlogger sdcard_type:dir { create_dir_perms }; -allow mdlogger storage_file:dir { create_dir_perms }; -allow mdlogger storage_file:file { create_file_perms }; - - -# Allow read to sys/kernel/ccci/* files -allow mdlogger sysfs_ccci:dir search; -allow mdlogger sysfs_ccci:file r_file_perms; - -# purpose: allow mdlogger to access storage in new version -allow mdlogger media_rw_data_file:file { create_file_perms }; -allow mdlogger media_rw_data_file:dir { create_dir_perms }; - -#avc: denied { connectto } for path=006165653A72747464 scontext=u:r:mdlogger:s0 -#tcontext=u:object_r:aee_aed_socket:s0 tclass=unix_stream_socket permissive=0 -#security issue control -allow mdlogger aee_aed:unix_stream_socket connectto; - -## purpose: avc: denied { read } for name="plat_file_contexts" -allow emdlogger file_contexts_file:file { read getattr open}; - -#permission for read boot mode -#avc: denied { open } path="/sys/devices/virtual/BOOT/BOOT/boot/boot_mode" dev="sysfs" -allow mdlogger sysfs_boot_mode:file { read open }; - -# avc: denied { open } for path="system/etc/mddb" dev="mmcblk0p21" scontext=u:r:emdlogger:s0 tcontext=u:object_r:system_file:s0 tclass=dir permissive=0 -allow mdlogger system_file:dir { read open }; - -# Android P migration -set_prop(mdlogger, vendor_mdl_prop) -set_prop(mdlogger, debug_mdlogger_prop) -set_prop(mdlogger, persist_mdlog_prop) -set_prop(mdlogger, persist_mtklog_prop) |