blob: 78eadbee57a86b5d91114c22eaf69a232127427d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
|
# ==============================================
# Policy File of /system/bin/fuelgauged_nvram Executable File
# ==============================================
# Type Declaration
# ==============================================
type fuelgauged_nvram ,domain;
type fuelgauged_nvram_exec , exec_type, file_type, vendor_file_type;
type fuelgauged_nvram_file, file_type, data_file_type;
# ==============================================
# Android Policy Rule
# ==============================================
# ==============================================
# NSA Policy Rule
# ==============================================
# ==============================================
# MTK Policy Rule
# ==============================================
init_daemon_domain(fuelgauged_nvram)
# Data : WK16.21
# Operation : New Feature
# Purpose : For fg daemon can access /data/FG folder
file_type_auto_trans(fuelgauged_nvram, system_data_file, fuelgauged_nvram_file);
allow fuelgauged_nvram fuelgauged_nvram_file:file rw_file_perms;
allow fuelgauged_nvram system_data_file:dir rw_dir_perms;
# Data : WK16.21
# Operation : New Feature
# Purpose : For fg daemon can do nvram r/w to save car_tune_value
allow fuelgauged_nvram nvdata_file:dir rw_dir_perms;
allow fuelgauged_nvram nvdata_file:file {rw_file_perms create_file_perms};
allow fuelgauged_nvram nvram_data_file:lnk_file rw_file_perms;
allow fuelgauged_nvram nvdata_file:lnk_file rw_file_perms;
allow fuelgauged_nvram fuelgauged_file:dir rw_dir_perms;
allow fuelgauged_nvram fuelgauged_file:file {rw_file_perms create_file_perms};
# Data : W16.43
# Operation : New Feature
# Purpose : Change from /data to /cache
allow fuelgauged_nvram cache_file:file {rw_file_perms create_file_perms};
allow fuelgauged_nvram cache_file:dir {rw_dir_perms create_dir_perms};
#allow fuelgauged_nvram self:capability { dac_read_search dac_override chown };
allow fuelgauged_nvram kmsg_device:chr_file { write open };
allow fuelgauged_nvram self:capability fsetid;
# Data : W17.34
# Operation : New Feature
# Purpose : fgauge_nvram could use IOCTL
allow fuelgauged_nvram MT_pmic_adc_cali_device:chr_file rw_file_perms;
# Date: W18.03
# Operation : change fuelgagued_nvram access from cache to nvcfg
# Purpose : add fuelgauged to nvcfg read write permit
allow fuelgauged_nvram sysfs:file { read open };
allow fuelgauged_nvram nvcfg_file:dir { search write open read add_name create getattr};
allow fuelgauged_nvram nvcfg_file:file { read write getattr open create };
|
