diff options
| author | rogersb11 <brettrogers11@gmail.com> | 2015-10-08 08:54:45 -0400 |
|---|---|---|
| committer | rogersb11 <brettrogers11@gmail.com> | 2015-10-08 08:59:49 -0400 |
| commit | 8e368fa918f244e214ee8bd53ce332ce6ad74663 (patch) | |
| tree | b45df79c017e84f0cef6a28bf451eadf6191e35b /selinux/kickstart.te | |
| parent | 34bd90250533d2ecfbf74ffd0bb536f7f26cebd4 (diff) | |
| download | device_samsung_t0lte-8e368fa918f244e214ee8bd53ce332ce6ad74663.tar.gz device_samsung_t0lte-8e368fa918f244e214ee8bd53ce332ce6ad74663.tar.bz2 device_samsung_t0lte-8e368fa918f244e214ee8bd53ce332ce6ad74663.zip | |
Remove device specific SEPolicy
Change-Id: Icf65691f123dd940cd86a26c7e355adf4a4b8f29
Diffstat (limited to 'selinux/kickstart.te')
| -rwxr-xr-x | selinux/kickstart.te | 52 |
1 files changed, 0 insertions, 52 deletions
diff --git a/selinux/kickstart.te b/selinux/kickstart.te deleted file mode 100755 index d663145..0000000 --- a/selinux/kickstart.te +++ /dev/null @@ -1,52 +0,0 @@ -# kickstart processes and scripts -type kickstart, domain; -type kickstart_exec, exec_type, file_type; - -# kickstart_checker.sh talks to init over the property socket -unix_socket_connect(kickstart, property, init) - -# Start /system/bin/qcks from init -init_daemon_domain(kickstart) - -# Spawn /system/bin/efsks and /system/bin/ks -allow kickstart kickstart_exec:file { open execute_no_trans getattr }; - -# Run dd on m9kefs[123] block devices; write to /data/qcks/ -# Run cat on firmware and m9kefs[123] data; write to /data/qcks/ -allow kickstart mmc_block_device:blk_file { getattr read write open }; -allow kickstart kickstart_data_file:file create_file_perms; -allow kickstart kickstart_data_file:dir rw_dir_perms; -allow kickstart radio_efs_file:file r_file_perms; -allow kickstart radio_efs_file:dir search; - -# Let qcks access /dev/mdm node (modem driver) -allow kickstart radio_device:chr_file rw_file_perms; - -# Allow /dev/ttyUSB0 access -allow kickstart radio_device:chr_file { write ioctl getattr }; - -# Allow to run toolbox commands -allow kickstart shell_exec:file rx_file_perms; -# Toolbox commands for firmware dd -allow kickstart system_file:file execute_no_trans; - -# Access to /dev/block/platform/msm_sdcc.1/by-name/m9kefs2 -allow kickstart block_device:dir { getattr write search }; - -# Set system property key -allow kickstart radio_prop:property_service set; - -allow kickstart shell_exec:file entrypoint; -# ls on /data/qcks/ -allow kickstart self:capability { dac_override setuid }; - -# XXX Label sysfs files with a specific type? -allow kickstart sysfs:file rw_file_perms; - -allow kickstart unlabeled:file { setattr getattr read write open }; -allow kickstart vfat:file { getattr read open }; -allow kickstart kickstart:process { execmem }; -#allow kickstart usbfs:filesystem { mount }; -allow kickstart usbfs:dir { search }; -#allow kickstart system_file:file { entrypoint }; -allow kickstart vfat:dir { search }; |