type fm_device, dev_type;
-type pktrouter_device, dev_type;
#
/system/bin/clean_scratch_files u:object_r:clean_scratch_files_exec:s0
-/system/bin/wfc-pkt-router u:object_r:netutils_wrapper_exec:s0
##########################
# Devices
#
/dev/radio0 u:object_r:fm_device:s0
-/dev/umts_wfc0 u:object_r:pktrouter_device:s0
-/dev/umts_wfc1 u:object_r:pktrouter_device:s0
+++ /dev/null
-init_daemon_domain(netutils_wrapper)
-allow netutils_wrapper pktrouter_device:chr_file rw_file_perms;
-
-allow netutils_wrapper self:packet_socket create_socket_perms_no_ioctl;
-allow netutils_wrapper node:rawip_socket node_bind;
-allow netutils_wrapper port:udp_socket name_bind;
-allow netutils_wrapper node:udp_socket node_bind;
-
-dontaudit netutils_wrapper self:capability dac_override;
type m2m1shot_device, dev_type;
type oem_block_device, dev_type;
type persist_block_device, dev_type;
+type pktrouter_device, dev_type;
type proinfo_block_device, dev_type;
type slotinfo_block_device, dev_type;
type utags_block_device, dev_type;
/(vendor|system/vendor)/bin/charon u:object_r:charonservice_exec:s0
/(vendor|system/vendor)/bin/exynos-thermald u:object_r:exynos-thermald_exec:s0
/(vendor|system/vendor)/bin/mcDriverDaemon u:object_r:tee_exec:s0
+/(vendor|system/vendor)/bin/wfc-pkt-router u:object_r:pktrouter_exec:s0
/(vendor|system/vendor)/bin/hw/rild_exynos u:object_r:rild_exec:s0
/(vendor|system/vendor)/bin/hw/gpsd u:object_r:gpsd_exec:s0
/dev/ttyGS[0-3]* u:object_r:serial_device:s0
+/dev/umts_wfc0 u:object_r:pktrouter_device:s0
+/dev/umts_wfc1 u:object_r:pktrouter_device:s0
+
####################################
# HIDL
#
/(vendor|system/vendor)/bin/hw/android.hardware.biometrics.fingerprint@2.1-service-rbs u:object_r:hal_fingerprint_default_exec:s0
/(vendor|system/vendor)/bin/hw/android.hardware.drm@1.3-service.clearkey u:object_r:hal_drm_clearkey_exec:s0
/(vendor|system/vendor)/bin/hw/android.hardware.drm@1.2-service.widevine u:object_r:hal_drm_widevine_exec:s0
+/(vendor|system/vendor)/bin/hw/android.hardware.drm@1.3-service.widevine u:object_r:hal_drm_widevine_exec:s0
/(vendor|system/vendor)/bin/hw/android.hardware.nfc@1.2-service.samsung u:object_r:hal_nfc_default_exec:s0
-/(vendor|system/vendor)/bin/hw/android.hardware.secure_element@1.1-service-uicc u:object_r:hal_secure_element_default_exec:s0
+/(vendor|system/vendor)/bin/hw/android.hardware.secure_element@1.2-uicc-service u:object_r:hal_secure_element_default_exec:s0
/(vendor|system/vendor)/bin/hw/android.hardware.vibrator@1.0-service.exynos9610 u:object_r:hal_vibrator_default_exec:s0
+/(vendor|system/vendor)/bin/hw/samsung.hardware.media.c2@1.1-default-service u:object_r:mediacodec_exec:s0
/(vendor|system/vendor)/bin/hw/vendor.lineage.livedisplay@2.0-service.exynos9610 u:object_r:hal_lineage_livedisplay_exynos_exec:s0
/(vendor|system/vendor)/bin/hw/vendor.samsung.hardware.gnss@1.0-service u:object_r:hal_gnss_default_exec:s0
--- /dev/null
+type pktrouter, domain, mlstrustedsubject;
+type pktrouter_exec, exec_type, file_type, vendor_file_type;
+init_daemon_domain(pktrouter)
+
+allow pktrouter pktrouter_device:chr_file rw_file_perms;
+
+allow pktrouter self:packet_socket create_socket_perms_no_ioctl;
+allow pktrouter node:rawip_socket node_bind;
+allow pktrouter port:udp_socket name_bind;
+allow pktrouter node:udp_socket node_bind;
+allow pktrouter self:netlink_route_socket { create bind write nlmsg_write read };
+
+allowxperm pktrouter self:udp_socket ioctl SIOCGIFNAME;
+allow pktrouter self:capability net_raw;
+allow pktrouter self:udp_socket create_socket_perms;
vendor.charon u:object_r:vendor_ims_prop:s0
vendor.charon.route u:object_r:vendor_ims_prop:s0
custom.charon.status u:object_r:vendor_ims_prop:s0
+vendor.pktrouter u:object_r:vendor_ims_prop:s0
# HWC
ro.vendor.ddk.set.afbc u:object_r:vendor_hwc_prop:s0
binder_call(radio, gpuservice)
+
+allow radio hal_exynos_rild_hwservice:hwservice_manager find;
projects / GitHub / LineageOS / android_device_motorola_exynos9610-common.git / commitdiff