diff options
| author | sbrissen <sbrissen@hotmail.com> | 2014-12-05 14:23:09 -0500 |
|---|---|---|
| committer | sbrissen <sbrissen@hotmail.com> | 2015-01-16 08:28:01 -0500 |
| commit | 7cfabc06fd5b18931b51a92d8ee1a586c81328fc (patch) | |
| tree | 390cd7ed61c189505a3eaa07991df0a87afbb775 /selinux/qmuxd.te | |
| parent | dbddb2275770dcf4e7a27c12607881694fbcc507 (diff) | |
| download | device_samsung_t0lte-7cfabc06fd5b18931b51a92d8ee1a586c81328fc.tar.gz device_samsung_t0lte-7cfabc06fd5b18931b51a92d8ee1a586c81328fc.tar.bz2 device_samsung_t0lte-7cfabc06fd5b18931b51a92d8ee1a586c81328fc.zip | |
t0lte: initial L bring up
-selinux policies still need work
-switch fstab to by-name
Change-Id: I397931d0aa2ea7887774007acf40c9f03e66fb14
Diffstat (limited to 'selinux/qmuxd.te')
| -rw-r--r-- | selinux/qmuxd.te | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/selinux/qmuxd.te b/selinux/qmuxd.te new file mode 100644 index 0000000..12413a7 --- /dev/null +++ b/selinux/qmuxd.te @@ -0,0 +1,50 @@ +type qmuxd, domain; +type qmuxd_exec, exec_type, file_type; +net_domain(qmuxd) +init_daemon_domain(qmuxd) + +userdebug_or_eng(` + domain_auto_trans(shell, qmuxd_exec, qmuxd) + domain_auto_trans(adbd, qmuxd_exec, qmuxd) +') + +#Allow qmuxd to operate on various qmux device sockets +#allow qmuxd qmux_radio_socket:dir { write add_name remove_name search }; +#allow qmuxd qmux_radio_socket:sock_file { create setattr getattr write unlink }; +#allow qmuxd qmux_audio_socket:dir { write add_name remove_name search }; +#allow qmuxd qmux_audio_socket:sock_file { create setattr getattr write unlink }; +#allow qmuxd qmux_gps_socket:dir { write add_name remove_name search }; +#allow qmuxd qmux_gps_socket:sock_file { create setattr getattr write unlink }; +#allow qmuxd qmux_bluetooth_socket:dir { write add_name remove_name search }; +#allow qmuxd qmux_bluetooth_socket:sock_file { create setattr getattr write unlink }; + +qmux_socket(qmuxd); + +#Allow logging +allow qmuxd diag_device:chr_file { rw_file_perms }; + +#Allow operation in platform specific transports +allow qmuxd smd_device:chr_file { rw_file_perms }; +allow qmuxd hsic_device:chr_file { rw_file_perms }; + +#Allow qmuxd to operate in platform specific transports +allow qmuxd sysfs_smd_open_timeout:file w_file_perms; +allow qmuxd sysfs_wake_lock:file { append open }; + +#Allow qmuxd to write in hsic specific transport +allow qmuxd sysfs:file w_file_perms; + +allow qmuxd self:capability { setuid setgid setpcap dac_override }; + +#Allow qmuxd to have the CAP_BLOCK_SUSPEND capability +allow qmuxd qmuxd:capability2 { block_suspend }; + +allow qmuxd sysfs_esoc:dir r_dir_perms; +allow qmuxd sysfs_hsic_modem_wait:file w_file_perms; +allow qmuxd sysfs_esoc:lnk_file read; + +r_dir_file(qmuxd, sysfs_ssr); +allow qmuxd mhi_device:chr_file rw_file_perms; + +allow qmuxd qmuxd:process { execmem }; +allow qmuxd radio_device:chr_file {read write open };
\ No newline at end of file |