type bbd_device, dev_type;
type drb_device, dev_type;
+type epic_device, dev_type;
type fp_sensor_device, dev_type;
type io_device, dev_type;
+type pm_qos_device, dev_type;
type radio_qos_device, dev_type;
type ssp_device, dev_type;
type vendor_radio_device, dev_type;
--- /dev/null
+type epicd, domain;
+type epicd_exec, exec_type, vendor_file_type, file_type;
+
+# epicd is started by init, type transit from init domain to epicd domain
+init_daemon_domain(epicd)
+
+# WTF?
+# execve("/vendor/bin/sh", ["sh", "-c", "getprop ro.hardware"]
+allow epicd vendor_shell_exec:file execute_no_trans;
+
+# WTF?
+# execve("/vendor/bin/getprop", ["getprop", "ro.hardware"]
+allow epicd vendor_toolbox_exec:file execute_no_trans;
+
+# /dev/cluster[0-9]_freq_(max|min)
+# /dev/*_throughput*
+# /dev/gpu_freq_(max|min)
+allow epicd pm_qos_device:chr_file rw_file_perms;
+
+# /dev/socket/
+allow epicd socket_device:dir w_dir_perms;
+
+# /dev/socket/epic
+allow epicd epicd_socket:unix_dgram_socket { read write };
+
+# /dev/mode
+allow epicd epic_device:chr_file rw_file_perms;
type tee_efs_file, file_type;
type wifi_efs_file, file_type;
+# SOCKETS
+type epicd_socket, file_type, data_file_type;
+
### SYSFS
type sysfs_argos, sysfs_type, r_fs_type, fs_type;
type sysfs_battery, sysfs_type, r_fs_type, fs_type;
/dev/batch_io u:object_r:io_device:s0
/dev/ssp_sensorhub u:object_r:ssp_device:s0
+### epic
+/dev/mode u:object_r:epic_device:s0
+/dev/socket/epic u:object_r:epicd_socket:s0
+
### gnss/gps
/dev/bbd_control u:object_r:bbd_device:s0
/dev/bbd_packet u:object_r:bbd_device:s0
/dev/ttyBCM[0-9]* u:object_r:bbd_device:s0
### qos
+/dev/bus_throughput u:object_r:pm_qos_device:s0
+/dev/bus_throughput_max u:object_r:pm_qos_device:s0
+/dev/cluster0_freq_max u:object_r:pm_qos_device:s0
+/dev/cluster0_freq_min u:object_r:pm_qos_device:s0
+/dev/cluster1_freq_max u:object_r:pm_qos_device:s0
+/dev/cluster1_freq_min u:object_r:pm_qos_device:s0
+/dev/cluster2_freq_max u:object_r:pm_qos_device:s0
+/dev/cluster2_freq_min u:object_r:pm_qos_device:s0
+/dev/cpu_online_max u:object_r:pm_qos_device:s0
+/dev/cpu_online_min u:object_r:pm_qos_device:s0
+/dev/device_throughput u:object_r:pm_qos_device:s0
+/dev/device_throughput_max u:object_r:pm_qos_device:s0
+/dev/gpu_freq_max u:object_r:pm_qos_device:s0
+/dev/gpu_freq_min u:object_r:pm_qos_device:s0
+/dev/mfc_throughput u:object_r:pm_qos_device:s0
+/dev/mfc_throughput_max u:object_r:pm_qos_device:s0
/dev/network_throughput u:object_r:radio_qos_device:s0
+/dev/npu_throughput u:object_r:pm_qos_device:s0
+/dev/npu_throughput_max u:object_r:pm_qos_device:s0
### radio
# DRB
projects / GitHub / LineageOS / android_device_samsung_slsi_sepolicy.git / commitdiff