projects / GitHub / exynos8895 / android_device_samsung_universal8895-common.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Sepolicy: clean-up and use macros where suitable
[GitHub/exynos8895/android_device_samsung_universal8895-common.git] / sepolicy / init.te
1 allow init rild:unix_stream_socket connectto;
2 allow init self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
3 allow init socket_device:sock_file create_file_perms;
4 allow init sysfs_devices_system_cpu:file write;
5 allow init vendor_data_file:fifo_file write;
6 allow init vendor_data_file:file append;
7 allow init dnsproxyd_socket:sock_file write;
8 allow init fwk_sensor_hwservice:hwservice_manager find;
9 allow init hwservicemanager:binder call;
10 allow init netd:unix_stream_socket connectto;
11 allow init fwmarkd_socket:sock_file write;
12 allow init nfc:binder call;
13 allow init nfc_device:chr_file ioctl;
14 allow init efs_file:dir mounton;
15 allow init efs_block_device:lnk_file relabelto;
16 allow init tmpfs:lnk_file create;
17
18 allow init sysfs_virtual:file create_file_perms;
19 allow init sysfs_virtual:lnk_file { read };
20 allow init sysfs:file setattr;
21 allow init sysfs_multipdp:file setattr;
22 allow init sysfs_camera:file setattr;
23 allow init sysfs_charger:file setattr;
24 allow init sysfs_input:file setattr;
25 allow init sysfs_lcd:file setattr;
26 allow init sysfs_mdnie:file setattr;
27 allow init sysfs_modem:file w_file_perms;
28 allow init sysfs_battery_writable:file setattr;
29 allow init sysfs_mmc_host_writable:file setattr;
30 allow init sysfs_scsi_host_writable:file setattr;
31 allow init sysfs_power_writable:file setattr;
32 allow init sysfs_bt_writable:file setattr;
33 allow init sysfs_graphics:file create_file_perms;
34 allow init sysfs_touchscreen_writable:file setattr;
35
36 allow init system_server:binder { transfer call };
37 allow init tee_device:chr_file rw_file_perms;
38 allow init device:chr_file ioctl;
39 allow init self:tcp_socket create_socket_perms;
40 allow init node:tcp_socket node_bind;
41 allow init port:tcp_socket { name_bind name_connect };
42 allow init gps_vendor_data_file:fifo_file write;
43 allow init gps_vendor_data_file:file lock;
44 allow init socket_device:sock_file create_file_perms;
45 allow init kernel:system module_request;
46
47 allow init proc:file setattr;
48 allow init proc_swapiness:file write;
49 allow init proc_extra:file setattr;
50 allow init proc_reset_reason:file setattr;
51 allow init proc_swapiness:file open;
52
53 unix_socket_connect(init, property, rild)