From: Andreas Schneider Date: Wed, 8 Apr 2020 17:14:33 +0000 (+0200) Subject: common: Add epicd X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=fe59b2f9ef2de65c308b8bd6d2b026f5be920830;p=GitHub%2FLineageOS%2Fandroid_device_samsung_slsi_sepolicy.git common: Add epicd Change-Id: I44a9fd6f0b58235daed02f69607dae09c13b610b --- diff --git a/common/vendor/device.te b/common/vendor/device.te index 3ba5a9f..346aa4a 100644 --- a/common/vendor/device.te +++ b/common/vendor/device.te @@ -10,8 +10,10 @@ type sec_efs_block_device, dev_type; type bbd_device, dev_type; type drb_device, dev_type; +type epic_device, dev_type; type fp_sensor_device, dev_type; type io_device, dev_type; +type pm_qos_device, dev_type; type radio_qos_device, dev_type; type ssp_device, dev_type; type vendor_radio_device, dev_type; diff --git a/common/vendor/epicd.te b/common/vendor/epicd.te new file mode 100644 index 0000000..40aa60c --- /dev/null +++ b/common/vendor/epicd.te @@ -0,0 +1,27 @@ +type epicd, domain; +type epicd_exec, exec_type, vendor_file_type, file_type; + +# epicd is started by init, type transit from init domain to epicd domain +init_daemon_domain(epicd) + +# WTF? +# execve("/vendor/bin/sh", ["sh", "-c", "getprop ro.hardware"] +allow epicd vendor_shell_exec:file execute_no_trans; + +# WTF? +# execve("/vendor/bin/getprop", ["getprop", "ro.hardware"] +allow epicd vendor_toolbox_exec:file execute_no_trans; + +# /dev/cluster[0-9]_freq_(max|min) +# /dev/*_throughput* +# /dev/gpu_freq_(max|min) +allow epicd pm_qos_device:chr_file rw_file_perms; + +# /dev/socket/ +allow epicd socket_device:dir w_dir_perms; + +# /dev/socket/epic +allow epicd epicd_socket:unix_dgram_socket { read write }; + +# /dev/mode +allow epicd epic_device:chr_file rw_file_perms; diff --git a/common/vendor/file.te b/common/vendor/file.te index c67ca6d..3ebe446 100644 --- a/common/vendor/file.te +++ b/common/vendor/file.te @@ -20,6 +20,9 @@ type sec_efs_file, file_type; type tee_efs_file, file_type; type wifi_efs_file, file_type; +# SOCKETS +type epicd_socket, file_type, data_file_type; + ### SYSFS type sysfs_argos, sysfs_type, r_fs_type, fs_type; type sysfs_battery, sysfs_type, r_fs_type, fs_type; diff --git a/common/vendor/file_contexts b/common/vendor/file_contexts index 234d946..c95733d 100644 --- a/common/vendor/file_contexts +++ b/common/vendor/file_contexts @@ -27,6 +27,10 @@ /dev/batch_io u:object_r:io_device:s0 /dev/ssp_sensorhub u:object_r:ssp_device:s0 +### epic +/dev/mode u:object_r:epic_device:s0 +/dev/socket/epic u:object_r:epicd_socket:s0 + ### gnss/gps /dev/bbd_control u:object_r:bbd_device:s0 /dev/bbd_packet u:object_r:bbd_device:s0 @@ -38,7 +42,25 @@ /dev/ttyBCM[0-9]* u:object_r:bbd_device:s0 ### qos +/dev/bus_throughput u:object_r:pm_qos_device:s0 +/dev/bus_throughput_max u:object_r:pm_qos_device:s0 +/dev/cluster0_freq_max u:object_r:pm_qos_device:s0 +/dev/cluster0_freq_min u:object_r:pm_qos_device:s0 +/dev/cluster1_freq_max u:object_r:pm_qos_device:s0 +/dev/cluster1_freq_min u:object_r:pm_qos_device:s0 +/dev/cluster2_freq_max u:object_r:pm_qos_device:s0 +/dev/cluster2_freq_min u:object_r:pm_qos_device:s0 +/dev/cpu_online_max u:object_r:pm_qos_device:s0 +/dev/cpu_online_min u:object_r:pm_qos_device:s0 +/dev/device_throughput u:object_r:pm_qos_device:s0 +/dev/device_throughput_max u:object_r:pm_qos_device:s0 +/dev/gpu_freq_max u:object_r:pm_qos_device:s0 +/dev/gpu_freq_min u:object_r:pm_qos_device:s0 +/dev/mfc_throughput u:object_r:pm_qos_device:s0 +/dev/mfc_throughput_max u:object_r:pm_qos_device:s0 /dev/network_throughput u:object_r:radio_qos_device:s0 +/dev/npu_throughput u:object_r:pm_qos_device:s0 +/dev/npu_throughput_max u:object_r:pm_qos_device:s0 ### radio # DRB