diff options
37 files changed, 327 insertions, 221 deletions
@@ -1,11 +1,10 @@ -# Board specific SELinux policy variable definitions -ifeq ($(call is-vendor-board-platform,QCOM),true) -LOCAL_PATH:= $(call my-dir) -BOARD_SEPOLICY_DIRS := \ - $(BOARD_SEPOLICY_DIRS) \ - $(LOCAL_PATH) \ - $(LOCAL_PATH)/common \ - $(LOCAL_PATH)/test \ - $(LOCAL_PATH)/$(TARGET_BOARD_PLATFORM) - -endif +# Don't recurse into the platform makefiles. We don't care about them, and +# we don't want to force a reset of BOARD_SEPOLICY_DIRS +# +# If you want to use these policies, add a +# +# include device/qcom/sepolicy/sepolicy.mk +# +# to your device's BoardConfig. It is highly recommended that in case +# you have your own BOARD_SEPOLICY_DIRS and BOARD_SEPOLICY_UNION declarations, +# the inclusion happens _before_ those lines diff --git a/apq8084/file.te b/apq8084/file.te index ea0f63b8..b6b9f1e7 100644 --- a/apq8084/file.te +++ b/apq8084/file.te @@ -28,4 +28,3 @@ # qca data file for apq8084 type qca1530_data_file, file_type, data_file_type; type sysfs_qca1530, file_type; -type qca1530_prop, file_type; diff --git a/apq8084/qca1530.te b/apq8084/qca1530.te index 6937aaa4..5a65171a 100644 --- a/apq8084/qca1530.te +++ b/apq8084/qca1530.te @@ -26,6 +26,7 @@ type qca1530, domain, domain_deprecated; type qca1530_exec, exec_type, file_type; +type qca1530_prop, property_type; net_domain(qca1530) init_daemon_domain(qca1530) diff --git a/common/attributes b/common/attributes index 839eaf26..e6f4b443 100644 --- a/common/attributes +++ b/common/attributes @@ -26,4 +26,5 @@ # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # Domain type used for debugfs access -attribute qti_debugfs_domain; +# (moved to system/sepolicy) +# attribute qti_debugfs_domain; diff --git a/common/bluetooth_loader.te b/common/bluetooth_loader.te new file mode 100644 index 00000000..e1d5be38 --- /dev/null +++ b/common/bluetooth_loader.te @@ -0,0 +1,40 @@ +# Bluetooth executables and scripts +type bluetooth_loader, domain, domain_deprecated; +type bluetooth_loader_exec, exec_type, file_type; + +# Start bdAddrLoader from init +init_daemon_domain(bluetooth_loader) + +# Run init.qcom.bt.sh +allow bluetooth_loader shell_exec:file { entrypoint getattr read }; +allow bluetooth_loader bluetooth_loader_exec:file { getattr open execute_no_trans }; + +# init.qcom.bt.sh needs /system/bin/log access +allow bluetooth_loader devpts:chr_file rw_file_perms; + +# Run hci_qcomm_init from init.qcom.bt.sh +domain_auto_trans(bluetooth_loader, hci_attach_exec, hci_attach) +allow hci_attach bluetooth_loader:fd use; + +# Set persist.service.bdroid.* and bluetooth.* property values +set_prop(bluetooth_loader, bluetooth_prop) + +# Allow getprop/setprop for init.qcom.bt.sh +allow bluetooth_loader system_file:file execute_no_trans; +allow bluetooth_loader toolbox_exec:file rx_file_perms; + +# Allow hci_qcomm_init /persist/.bt_nv.bin access +r_dir_file(bluetooth_loader, persist_file); +allow bluetooth_loader bluetooth_data_file:file r_file_perms; + +# Access the smd device +allow bluetooth_loader hci_attach_dev:chr_file rw_file_perms; + +# And qmuxd +allow bluetooth_loader qmuxd_socket:dir { write add_name remove_name search }; +allow bluetooth_loader qmuxd_socket:sock_file { create setattr getattr write unlink }; +allow bluetooth_loader qmuxd:unix_stream_socket { connectto }; + +userdebug_or_eng(` + diag_use(bluetooth_loader) +') diff --git a/common/file_contexts b/common/file_contexts index b24c4191..fb1e296b 100644 --- a/common/file_contexts +++ b/common/file_contexts @@ -9,6 +9,7 @@ /dev/mhi_pipe_.* u:object_r:mhi_device:s0 /dev/bhi u:object_r:bhi_device:s0 /dev/msm_.* u:object_r:audio_device:s0 +/dev/i2c-6 u:object_r:audio_device:s0 /dev/wcd_dsp0_control u:object_r:audio_device:s0 /dev/wcd-dsp-glink u:object_r:audio_device:s0 /dev/usf1 u:object_r:usf_device:s0 @@ -30,6 +31,7 @@ /dev/sdsprpc-smd u:object_r:dsp_device:s0 /dev/sensors u:object_r:sensors_device:s0 /dev/smd.* u:object_r:smd_device:s0 +/dev/smd3 u:object_r:hci_attach_dev:s0 /dev/smem_log u:object_r:smem_log_device:s0 /dev/ttyHSL0 u:object_r:console_device:s0 /dev/ttyMSM0 u:object_r:console_device:s0 @@ -166,7 +168,7 @@ /system/bin/netmgrd u:object_r:netmgrd_exec:s0 /system/bin/qmuxd u:object_r:qmuxd_exec:s0 /system/bin/port-bridge u:object_r:port-bridge_exec:s0 -/system/bin/sensors.qcom u:object_r:sensors_exec:s0 +/system/bin/sensors\.qcom u:object_r:sensors_exec:s0 /system/bin/sns.* u:object_r:sensors_test_exec:s0 /system/bin/test_diag u:object_r:diag_exec:s0 /system/vendor/bin/thermal-engine u:object_r:thermal-engine_exec:s0 @@ -246,13 +248,14 @@ /system/bin/usf_sw_calib u:object_r:usf_exec:s0 /system/bin/usf_pairing u:object_r:usf_exec:s0 /system/bin/usf_tester u:object_r:usf_exec:s0 -/system/vendor/bin/RIDLClient.exe u:object_r:RIDL_exec:s0 +/system/vendor/bin/RIDLClient\.exe u:object_r:RIDL_exec:s0 /system/vendor/bin/LKCore u:object_r:qti_logkit_exec:s0 /system/bin/tbaseLoader u:object_r:tbaseLoader_exec:s0 /system/bin/mcStarter u:object_r:mcStarter_exec:s0 /system/bin/fstman u:object_r:fstman_exec:s0 /system/vendor/bin/mdtpd u:object_r:mdtpdaemon_exec:s0 /system/bin/wifi_ftmd u:object_r:wifi_ftmd_exec:s0 +/system/etc/init\.qcom\.bt\.sh u:object_r:bluetooth_loader_exec:s0 ################################### # sysfs files @@ -310,11 +313,13 @@ /data/rfs.* u:object_r:rfs_file:s0 /data/hlos_rfs(/.*)? u:object_r:rfs_shared_hlos_file:s0 /data/camera(/.*)? u:object_r:camera_socket:s0 +/data/fdAlbum u:object_r:camera_data_file:s0 /data/misc/stargate(/.*)? u:object_r:qfp-daemon_data_file:s0 /data/system/sensors(/.*)? u:object_r:sensors_data_file:s0 /data/time(/.*)? u:object_r:time_data_file:s0 /data/nfc(/.*)? u:object_r:nfc_data_file:s0 /data/system/perfd(/.*)? u:object_r:mpctl_data_file:s0 +/data/misc/perfd(/.*)? u:object_r:mpctl_socket:s0 /data/misc/iop(/.*)? u:object_r:iop_data_file:s0 /data/misc/display(/.*)? u:object_r:display_misc_file:s0 /data/misc/ipa(/.*)? u:object_r:ipacm_data_file:s0 @@ -351,6 +356,8 @@ # persist files # /persist(/.*)? u:object_r:persist_file:s0 +/persist/\.bt_nv\.bin u:object_r:bluetooth_data_file:s0 +/persist/\.genmac u:object_r:wifi_data_file:s0 /persist/bluetooth(/.*)? u:object_r:persist_bluetooth_file:s0 /persist/drm(/.*)? u:object_r:persist_drm_file:s0 /persist/sensors(/.*)? u:object_r:sensors_persist_file:s0 diff --git a/common/gatekeeperd.te b/common/gatekeeperd.te new file mode 100644 index 00000000..00a32af5 --- /dev/null +++ b/common/gatekeeperd.te @@ -0,0 +1,2 @@ +# allow gatekeeperd to open firmware images (ex. kmota) +r_dir_file(gatekeeperd, firmware_file) diff --git a/common/iop.te b/common/iop.te index 20ff39fc..87087116 100644 --- a/common/iop.te +++ b/common/iop.te @@ -41,7 +41,8 @@ r_dir_file( dumpstate, appdomain ); r_dir_file( dumpstate, apk_data_file ); #Create a socket for receiving info from IOP -allow dumpstate iop_socket:sock_file rw_file_perms; +type_transition dumpstate iop_data_file:sock_file iop_socket "iop"; +allow dumpstate iop_socket:sock_file { create_file_perms unlink }; #default_values file allow dumpstate iop_data_file:dir rw_dir_perms; diff --git a/common/keystore.te b/common/keystore.te index 524fc3f4..0a825c1f 100644 --- a/common/keystore.te +++ b/common/keystore.te @@ -1,2 +1,5 @@ # Allow keystore to operate using qseecom_device allow keystore tee_device:chr_file rw_file_perms; + +# Allow keystore to search and get keymaste.mdt +r_dir_file(keystore, firmware_file) diff --git a/common/mdm_helper.te b/common/mdm_helper.te index bbbc3e51..bbbc3e51 100755..100644 --- a/common/mdm_helper.te +++ b/common/mdm_helper.te diff --git a/common/mediaserver.te b/common/mediaserver.te index 899f2ed2..4c6c0242 100644 --- a/common/mediaserver.te +++ b/common/mediaserver.te @@ -34,6 +34,7 @@ binder_call(mediaserver, poweroffhandler); allow mediaserver mpctl_socket:dir r_dir_perms; unix_socket_send(mediaserver, mpctl, mpdecision) unix_socket_connect(mediaserver, mpctl, mpdecision) +unix_socket_connect(mediaserver, thermal, thermal-engine) # access to perflock allow mediaserver mpctl_socket:dir r_dir_perms; @@ -70,3 +71,7 @@ r_dir_file(mediaserver, adsprpcd_file); binder_call(mediaserver, bootanim); allow mediaserver surfaceflinger:unix_stream_socket rw_socket_perms; + +# Allow mediaserver to search and get the widevine, playready firmwares +allow mediaserver firmware_file:dir search; +allow mediaserver firmware_file:file { read getattr open }; diff --git a/common/mm-qcamerad.te b/common/mm-qcamerad.te index d5d2be68..eb11d73b 100644 --- a/common/mm-qcamerad.te +++ b/common/mm-qcamerad.te @@ -16,11 +16,13 @@ userdebug_or_eng(` allow mm-qcamerad camera_data_file:file create_file_perms; # mm-qcamerad needs to set persist.camera. property - allow mm-qcamerad camera_prop:property_service set; + set_prop(mm-qcamerad, camera_prop) ') #Communicate with user land process through domain socket +type_transition mm-qcamerad system_data_file:sock_file camera_socket "cam_socket1"; +type_transition mm-qcamerad system_data_file:sock_file camera_socket "cam_socket2"; allow mm-qcamerad camera_socket:sock_file { create unlink write }; allow mm-qcamerad camera_socket:dir w_dir_perms; unix_socket_connect(mm-qcamerad, sensors, sensors) @@ -69,3 +71,7 @@ binder_call(mm-qcamerad, mmi); allow mm-qcamerad input_device:dir r_dir_perms; allow mm-qcamerad input_device:chr_file r_file_perms; allow mm-qcamerad sysfs:file rw_file_perms; + +# /data/fdAlbum +type_transition mm-qcamerad system_data_file:file camera_data_file "fdAlbum"; +allow mm-qcamerad camera_data_file:file create_file_perms; diff --git a/common/perfd.te b/common/perfd.te index fb857290..bde73246 100644 --- a/common/perfd.te +++ b/common/perfd.te @@ -14,7 +14,8 @@ allow perfd { allow perfd self:{ netlink_kobject_uevent_socket socket} create_socket_perms; # mpctl socket -allow perfd mpctl_socket:sock_file rw_file_perms; +allow perfd mpctl_socket:dir rw_dir_perms; +allow perfd mpctl_socket:sock_file create_file_perms; # default_values file allow perfd mpctl_data_file:dir rw_dir_perms; diff --git a/common/qmuxd.te b/common/qmuxd.te index 35d6f1ff..9ca4b03e 100644 --- a/common/qmuxd.te +++ b/common/qmuxd.te @@ -6,6 +6,7 @@ init_daemon_domain(qmuxd) userdebug_or_eng(` domain_auto_trans(shell, qmuxd_exec, qmuxd) domain_auto_trans(adbd, qmuxd_exec, qmuxd) + diag_use(qmuxd) ') #Allow qmuxd to operate on various qmux device sockets diff --git a/common/ssr_diag.te b/common/ssr_diag.te index f04ab537..f04ab537 100755..100644 --- a/common/ssr_diag.te +++ b/common/ssr_diag.te diff --git a/common/subsystem_ramdump.te b/common/subsystem_ramdump.te index c58fd187..c58fd187 100755..100644 --- a/common/subsystem_ramdump.te +++ b/common/subsystem_ramdump.te diff --git a/common/system_server.te b/common/system_server.te index 57578203..d95864c3 100644 --- a/common/system_server.te +++ b/common/system_server.te @@ -47,6 +47,8 @@ allow system_server { # required for ANT App to connectto wcnss_filter sockets allow system_server bluetooth:unix_stream_socket connectto; # access to iop +allow system_server iop_socket:dir r_dir_perms; +allow system_server iop_data_file:dir r_dir_perms; unix_socket_send(system_server, iop, dumpstate) unix_socket_connect(system_server, iop, dumpstate) diff --git a/common/thermal-engine.te b/common/thermal-engine.te index b347958f..33a0efed 100644 --- a/common/thermal-engine.te +++ b/common/thermal-engine.te @@ -49,6 +49,9 @@ unix_socket_connect(thermal-engine, mpctl, mpdecision) #This is to allow access to uio device allow thermal-engine uio_device:chr_file rw_file_perms; +#Label the thermal sockets correctly +type_transition thermal-engine socket_device:sock_file thermal_socket; + userdebug_or_eng(` diag_use(thermal-engine) ') diff --git a/common/untrusted_app.te b/common/untrusted_app.te index 8f6d10b7..32e1f5db 100644 --- a/common/untrusted_app.te +++ b/common/untrusted_app.te @@ -5,6 +5,10 @@ unix_socket_connect(untrusted_app, mpctl, mpdecision) # diag device node access is restricted to untrusted_app neverallow untrusted_app diag_device:chr_file rw_file_perms; +# allow apps to read battery status +allow untrusted_app sysfs_battery_supply:dir r_dir_perms; +allow untrusted_app sysfs_battery_supply:file r_file_perms; + # test apps needs to communicate with imscm # using binder call userdebug_or_eng(` diff --git a/common/wcnss_service.te b/common/wcnss_service.te index 05b31d40..3d9b44c1 100644 --- a/common/wcnss_service.te +++ b/common/wcnss_service.te @@ -13,8 +13,7 @@ allow wcnss_service wifi_data_file:dir w_dir_perms; allow wcnss_service wifi_data_file:file create_file_perms; allow wcnss_service system_prop:property_service set; -allow wcnss_service persist_file:dir r_dir_perms; -qmux_socket(wcnss_service); +allow wcnss_service persist_file:dir create_dir_perms; allow wcnss_service self:socket create_socket_perms; allow wcnss_service smem_log_device:chr_file rw_file_perms; @@ -32,6 +31,7 @@ allow wcnss_service self:netlink_generic_socket create_socket_perms; allow wcnss_service firmware_file:dir r_dir_perms; allow wcnss_service firmware_file:file r_file_perms; allow wcnss_service sysfs:file w_file_perms; +allow wcnss_service storage_file:dir search; # allow access to netd unix_socket_connect(wcnss_service, netd, netd) @@ -53,3 +53,5 @@ diag_use(wcnss_service) binder_use(wcnss_service) use_per_mgr(wcnss_service) + +type_transition wcnss_service persist_file:file wifi_data_file ".genmac"; diff --git a/msm8226/file_contexts b/msm8226/file_contexts index 89dd1840..83dc7578 100644 --- a/msm8226/file_contexts +++ b/msm8226/file_contexts @@ -27,6 +27,8 @@ ################################### # Primary storage device nodes # +/dev/block/platform/msm_sdcc\.1/by-name/boot u:object_r:boot_block_device:s0 +/dev/block/platform/msm_sdcc\.1/by-name/recovery u:object_r:recovery_block_device:s0 /dev/block/platform/msm_sdcc\.1/by-name/fsg u:object_r:modem_efs_partition_device:s0 /dev/block/platform/msm_sdcc\.1/by-name/fsc u:object_r:modem_efs_partition_device:s0 /dev/block/platform/msm_sdcc\.1/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 @@ -35,5 +37,6 @@ /dev/block/platform/msm_sdcc\.1/by-name/misc u:object_r:misc_block_device:s0 /dev/block/platform/msm_sdcc\.1/by-name/userdata u:object_r:userdata_block_device:s0 /dev/block/platform/msm_sdcc\.1/by-name/logdump u:object_r:logdump_partition:s0 +/dev/block/platform/msm_sdcc\.1/by-name/cache u:object_r:cache_block_device:s0 /dev/block/mmcblk0 u:object_r:root_block_device:s0 /dev/block/mmcblk0rpmb u:object_r:rpmb_device:s0 diff --git a/msm8909/file_contexts b/msm8909/file_contexts index 642cfb5a..9a4a10c0 100644 --- a/msm8909/file_contexts +++ b/msm8909/file_contexts @@ -27,24 +27,27 @@ ################################### # Primary storage device nodes # -/dev/block/platform/soc.0/7824900.sdhci/by-name/fsg u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/fsc u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/ssd u:object_r:ssd_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/misc u:object_r:misc_block_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/logdump u:object_r:logdump_partition:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/config u:object_r:frp_block_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/boot u:object_r:boot_block_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/recovery u:object_r:recovery_block_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/fsg u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/fsc u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/ssd u:object_r:ssd_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/misc u:object_r:misc_block_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/logdump u:object_r:logdump_partition:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/cache u:object_r:cache_block_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/config u:object_r:frp_block_device:s0 /dev/block/mmcblk0 u:object_r:root_block_device:s0 /dev/block/mmcblk0rpmb u:object_r:rpmb_device:s0 # for wear we are still using soc not soc.0 -/dev/block/platform/soc/7824900.sdhci/by-name/fsg u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/fsc u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/ssd u:object_r:ssd_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/misc u:object_r:misc_block_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/logdump u:object_r:logdump_partition:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/fsg u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/fsc u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/ssd u:object_r:ssd_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/misc u:object_r:misc_block_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/logdump u:object_r:logdump_partition:s0 diff --git a/msm8916/file_contexts b/msm8916/file_contexts index c59fe8fb..0c92e955 100644 --- a/msm8916/file_contexts +++ b/msm8916/file_contexts @@ -28,18 +28,19 @@ ################################### # Primary storage device nodes # -/dev/block/platform/soc.0/7824900.sdhci/by-name/fsg u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/fsc u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/ssd u:object_r:ssd_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/misc u:object_r:misc_block_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/logdump u:object_r:logdump_partition:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/config u:object_r:frp_block_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/fsg u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/fsc u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/ssd u:object_r:ssd_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/misc u:object_r:misc_block_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/logdump u:object_r:logdump_partition:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/config u:object_r:frp_block_device:s0 /dev/block/mmcblk0 u:object_r:root_block_device:s0 /dev/block/mmcblk0rpmb u:object_r:rpmb_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/boot u:object_r:boot_block_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/recovery u:object_r:recovery_block_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/system u:object_r:system_block_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/cache u:object_r:cache_block_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/frp u:object_r:frp_block_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/boot u:object_r:boot_block_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/recovery u:object_r:recovery_block_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/system u:object_r:system_block_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/cache u:object_r:cache_block_device:s0 diff --git a/msm8937/file_contexts b/msm8937/file_contexts index 5aea9873..16c6a6da 100644 --- a/msm8937/file_contexts +++ b/msm8937/file_contexts @@ -32,24 +32,24 @@ /dev/block/mmcblk0rpmb u:object_r:rpmb_device:s0 #Using soc instead of soc.0 for 3.18 kernel -/dev/block/platform/soc/7824900.sdhci/by-name/fsg u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/fsc u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/ssd u:object_r:ssd_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/misc u:object_r:misc_block_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/system u:object_r:system_block_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/dip u:object_r:dip_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/mdtp u:object_r:mdtp_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/config u:object_r:frp_block_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/boot u:object_r:boot_block_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/recovery u:object_r:recovery_block_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/cache u:object_r:cache_block_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/logdump u:object_r:logdump_partition:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/fsg u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/fsc u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/ssd u:object_r:ssd_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/misc u:object_r:misc_block_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/system u:object_r:system_block_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/dip u:object_r:dip_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/mdtp u:object_r:mdtp_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/config u:object_r:frp_block_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/boot u:object_r:boot_block_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/recovery u:object_r:recovery_block_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/cache u:object_r:cache_block_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/logdump u:object_r:logdump_partition:s0 #rawdump partition -/dev/block/platform/soc/7824900.sdhci/by-name/rawdump u:object_r:rawdump_block_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/rawdump u:object_r:rawdump_block_device:s0 /sys/kernel/dload/emmc_dload u:object_r:sysfs_emmc_dload:s0 diff --git a/msm8952/file_contexts b/msm8952/file_contexts index b03d222d..f4afa1cf 100644 --- a/msm8952/file_contexts +++ b/msm8952/file_contexts @@ -28,31 +28,31 @@ ################################### # Primary storage device nodes # -/dev/block/platform/soc.0/7824900.sdhci/by-name/fsg u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/fsc u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/ssd u:object_r:ssd_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/misc u:object_r:misc_block_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/system u:object_r:system_block_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/dip u:object_r:dip_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/mdtp u:object_r:mdtp_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/fsg u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/fsc u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/ssd u:object_r:ssd_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/misc u:object_r:misc_block_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/system u:object_r:system_block_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/dip u:object_r:dip_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/mdtp u:object_r:mdtp_device:s0 /dev/block/mmcblk0 u:object_r:root_block_device:s0 /dev/block/mmcblk0rpmb u:object_r:rpmb_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/config u:object_r:frp_block_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/logdump u:object_r:logdump_partition:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/config u:object_r:frp_block_device:s0 +/dev/block/platform/soc\.0/7824900\.sdhci/by-name/logdump u:object_r:logdump_partition:s0 #Using soc instead of soc.0 to make it compatable with 3.18 kernel -/dev/block/platform/soc/7824900.sdhci/by-name/fsg u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/fsc u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/ssd u:object_r:ssd_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/misc u:object_r:misc_block_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/system u:object_r:system_block_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/dip u:object_r:dip_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/mdtp u:object_r:mdtp_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/logdump u:object_r:logdump_partition:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/fsg u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/fsc u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/ssd u:object_r:ssd_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/misc u:object_r:misc_block_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/system u:object_r:system_block_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/dip u:object_r:dip_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/mdtp u:object_r:mdtp_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/logdump u:object_r:logdump_partition:s0 diff --git a/msm8953/file_contexts b/msm8953/file_contexts index 579f6988..86127797 100644 --- a/msm8953/file_contexts +++ b/msm8953/file_contexts @@ -32,22 +32,22 @@ /dev/block/mmcblk0rpmb u:object_r:rpmb_device:s0 #Using soc instead of soc.0 for 3.18 kernel -/dev/block/platform/soc/7824900.sdhci/by-name/fsg u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/fsc u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/ssd u:object_r:ssd_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/misc u:object_r:misc_block_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/system u:object_r:system_block_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/dip u:object_r:dip_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/mdtp u:object_r:mdtp_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/config u:object_r:frp_block_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/logdump u:object_r:logdump_partition:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/boot u:object_r:boot_block_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/recovery u:object_r:recovery_block_device:s0 -/dev/block/platform/soc/7824900.sdhci/by-name/cache u:object_r:cache_block_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/fsg u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/fsc u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/ssd u:object_r:ssd_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/misc u:object_r:misc_block_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/system u:object_r:system_block_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/dip u:object_r:dip_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/mdtp u:object_r:mdtp_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/config u:object_r:frp_block_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/logdump u:object_r:logdump_partition:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/boot u:object_r:boot_block_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/recovery u:object_r:recovery_block_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/cache u:object_r:cache_block_device:s0 #rawdump partition -/dev/block/platform/soc/7824900.sdhci/by-name/rawdump u:object_r:rawdump_block_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/rawdump u:object_r:rawdump_block_device:s0 /sys/kernel/dload/emmc_dload u:object_r:sysfs_emmc_dload:s0 diff --git a/msm8960/file_contexts b/msm8960/file_contexts index e59fdad6..d1f3d66b 100755 --- a/msm8960/file_contexts +++ b/msm8960/file_contexts @@ -5,22 +5,30 @@ /dev/msm_rotator u:object_r:graphics_device:s0 /dev/mdp_arb u:object_r:graphics_device:s0 /dev/mdm u:object_r:mdm_device:s0 -/dev/block/bootdevice/by-name/m9kefs1 u:object_r:efs_boot_dev:s0 -/dev/block/bootdevice/by-name/m9kefs2 u:object_r:efs_boot_dev:s0 -/dev/block/bootdevice/by-name/m9kefs3 u:object_r:efs_boot_dev:s0 -/dev/block/bootdevice/by-name/m9kefsc u:object_r:efs_boot_dev:s0 -/dev/gss u:object_r:gss_device:s0 -/dev/block/platform/msm_sdcc.1/by-name/fsg u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/msm_sdcc.1/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/msm_sdcc.1/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/msm_sdcc.1/by-name/ssd u:object_r:ssd_device:s0 -/dev/block/platform/msm_sdcc.1/by-name/boot u:object_r:boot_block_device:s0 -/dev/block/platform/msm_sdcc.1/by-name/recovery u:object_r:recovery_block_device:s0 -/dev/block/platform/msm_sdcc.1/by-name/cache u:object_r:cache_block_device:s0 -/dev/block/platform/msm_sdcc.1/by-name/system u:object_r:system_block_device:s0 -/dev/block/platform/msm_sdcc.1/by-name/logdump u:object_r:logdump_partition:s0 -/dev/block/mmcblk0 u:object_r:root_block_device:s0 /dev/socket/mpdecision u:object_r:mpdecision_socket:s0 + +################################### +# Block devices +# +/dev/block/mmcblk0 u:object_r:root_block_device:s0 +/dev/block/mmcblk0rpmb u:object_r:rpmb_device:s0 +/dev/block/platform/msm_sdcc\.1/by-name/boot u:object_r:boot_block_device:s0 +/dev/block/platform/msm_sdcc\.1/by-name/cache u:object_r:cache_block_device:s0 +/dev/block/platform/msm_sdcc\.1/by-name/fsg u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/msm_sdcc\.1/by-name/fsc u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/msm_sdcc\.1/by-name/logdump u:object_r:logdump_partition:s0 +/dev/block/platform/msm_sdcc\.1/by-name/m9kefs1 u:object_r:efs_boot_dev:s0 +/dev/block/platform/msm_sdcc\.1/by-name/m9kefs2 u:object_r:efs_boot_dev:s0 +/dev/block/platform/msm_sdcc\.1/by-name/m9kefs3 u:object_r:efs_boot_dev:s0 +/dev/block/platform/msm_sdcc\.1/by-name/m9kefsc u:object_r:efs_boot_dev:s0 +/dev/block/platform/msm_sdcc\.1/by-name/misc u:object_r:misc_block_device:s0 +/dev/block/platform/msm_sdcc\.1/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/msm_sdcc\.1/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/msm_sdcc\.1/by-name/recovery u:object_r:recovery_block_device:s0 +/dev/block/platform/msm_sdcc\.1/by-name/ssd u:object_r:ssd_device:s0 +/dev/block/platform/msm_sdcc\.1/by-name/system u:object_r:system_block_device:s0 +/dev/block/platform/msm_sdcc\.1/by-name/userdata u:object_r:userdata_block_device:s0 + ################################### # System files # @@ -28,7 +36,6 @@ /system/bin/thermal-engine u:object_r:thermal-engine_exec:s0 /system/bin/qcks u:object_r:mdm_helper_exec:s0 /system/bin/efks u:object_r:mdm_helper_exec:s0 -/system/bin/DR_AP_Service u:object_r:location_exec:s0 ################################### # Data files diff --git a/msm8974/file_contexts b/msm8974/file_contexts index 4de2687e..48d10ef4 100644 --- a/msm8974/file_contexts +++ b/msm8974/file_contexts @@ -27,6 +27,8 @@ ################################### # Primary storage device nodes # +/dev/block/platform/msm_sdcc\.1/by-name/boot u:object_r:boot_block_device:s0 +/dev/block/platform/msm_sdcc\.1/by-name/recovery u:object_r:recovery_block_device:s0 /dev/block/platform/msm_sdcc\.1/by-name/fsg u:object_r:modem_efs_partition_device:s0 /dev/block/platform/msm_sdcc\.1/by-name/fsc u:object_r:modem_efs_partition_device:s0 /dev/block/platform/msm_sdcc\.1/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 @@ -35,5 +37,6 @@ /dev/block/platform/msm_sdcc\.1/by-name/misc u:object_r:misc_block_device:s0 /dev/block/platform/msm_sdcc\.1/by-name/userdata u:object_r:userdata_block_device:s0 /dev/block/platform/msm_sdcc\.1/by-name/logdump u:object_r:logdump_partition:s0 +/dev/block/platform/msm_sdcc\.1/by-name/cache u:object_r:cache_block_device:s0 /dev/block/mmcblk0 u:object_r:root_block_device:s0 /dev/block/mmcblk0rpmb u:object_r:rpmb_device:s0 diff --git a/msm8974/netmgrd.te b/msm8974/netmgrd.te new file mode 100644 index 00000000..a034c0c6 --- /dev/null +++ b/msm8974/netmgrd.te @@ -0,0 +1 @@ +allow netmgrd self:capability dac_override; diff --git a/msm8976/file_contexts b/msm8976/file_contexts index 8a9ea58d..72b10f3d 100644 --- a/msm8976/file_contexts +++ b/msm8976/file_contexts @@ -26,5 +26,5 @@ # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #rawdump partition -/dev/block/platform/soc/7824900.sdhci/by-name/rawdump u:object_r:rawdump_block_device:s0 +/dev/block/platform/soc/7824900\.sdhci/by-name/rawdump u:object_r:rawdump_block_device:s0 /sys/kernel/dload/emmc_dload u:object_r:sysfs_emmc_dload:s0 diff --git a/msm8992/file_contexts b/msm8992/file_contexts index f4957ddb..00fbce29 100644 --- a/msm8992/file_contexts +++ b/msm8992/file_contexts @@ -27,17 +27,17 @@ ################################### # Dev block nodes # -/dev/block/platform/soc.0/f9824900.sdhci/by-name/fsc u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/f9824900.sdhci/by-name/fsg u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/f9824900.sdhci/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/f9824900.sdhci/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/f9824900.sdhci/by-name/ssd u:object_r:ssd_device:s0 -/dev/block/platform/soc.0/f9824900.sdhci/by-name/misc u:object_r:misc_block_device:s0 -/dev/block/platform/soc.0/f9824900.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 -/dev/block/platform/soc.0/f9824900.sdhci/by-name/boot u:object_r:boot_block_device:s0 -/dev/block/platform/soc.0/f9824900.sdhci/by-name/recovery u:object_r:recovery_block_device:s0 -/dev/block/platform/soc.0/f9824900.sdhci/by-name/cache u:object_r:cache_block_device:s0 -/dev/block/platform/soc.0/f9824900.sdhci/by-name/config u:object_r:frp_block_device:s0 -/dev/block/platform/soc.0/f9824900.sdhci/by-name/logdump u:object_r:logdump_partition:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/fsc u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/fsg u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/ssd u:object_r:ssd_device:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/misc u:object_r:misc_block_device:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/boot u:object_r:boot_block_device:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/recovery u:object_r:recovery_block_device:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/cache u:object_r:cache_block_device:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/config u:object_r:frp_block_device:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/logdump u:object_r:logdump_partition:s0 /dev/block/mmcblk0rpmb u:object_r:rpmb_device:s0 /dev/block/mmcblk0 u:object_r:root_block_device:s0 diff --git a/msm8994/file_contexts b/msm8994/file_contexts index 4c073044..436b659c 100644 --- a/msm8994/file_contexts +++ b/msm8994/file_contexts @@ -32,30 +32,30 @@ /dev/block/mmcblk0 u:object_r:root_block_device:s0 # UFS devices -/dev/block/platform/soc.0/fc594000.ufshc/by-name/fsc u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/fc594000.ufshc/by-name/fsg u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/fc594000.ufshc/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/fc594000.ufshc/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/fc594000.ufshc/by-name/ssd u:object_r:ssd_device:s0 -/dev/block/platform/soc.0/fc594000.ufshc/by-name/misc u:object_r:misc_block_device:s0 -/dev/block/platform/soc.0/fc594000.ufshc/by-name/userdata u:object_r:userdata_block_device:s0 -/dev/block/platform/soc.0/fc594000.ufshc/by-name/boot u:object_r:boot_block_device:s0 -/dev/block/platform/soc.0/fc594000.ufshc/by-name/recovery u:object_r:recovery_block_device:s0 -/dev/block/platform/soc.0/fc594000.ufshc/by-name/cache u:object_r:cache_block_device:s0 -/dev/block/platform/soc.0/fc594000.ufshc/by-name/frp u:object_r:frp_block_device:s0 -/dev/block/platform/soc.0/fc594000.ufshc/by-name/logdump u:object_r:logdump_partition:s0 +/dev/block/platform/soc\.0/fc594000\.ufshc/by-name/fsc u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/fc594000\.ufshc/by-name/fsg u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/fc594000\.ufshc/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/fc594000\.ufshc/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/fc594000\.ufshc/by-name/ssd u:object_r:ssd_device:s0 +/dev/block/platform/soc\.0/fc594000\.ufshc/by-name/misc u:object_r:misc_block_device:s0 +/dev/block/platform/soc\.0/fc594000\.ufshc/by-name/userdata u:object_r:userdata_block_device:s0 +/dev/block/platform/soc\.0/fc594000\.ufshc/by-name/boot u:object_r:boot_block_device:s0 +/dev/block/platform/soc\.0/fc594000\.ufshc/by-name/recovery u:object_r:recovery_block_device:s0 +/dev/block/platform/soc\.0/fc594000\.ufshc/by-name/cache u:object_r:cache_block_device:s0 +/dev/block/platform/soc\.0/fc594000\.ufshc/by-name/frp u:object_r:frp_block_device:s0 +/dev/block/platform/soc\.0/fc594000\.ufshc/by-name/logdump u:object_r:logdump_partition:s0 # eMMC devices -/dev/block/platform/soc.0/f9824900.sdhci/by-name/fsc u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/f9824900.sdhci/by-name/fsg u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/f9824900.sdhci/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/f9824900.sdhci/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc.0/f9824900.sdhci/by-name/ssd u:object_r:ssd_device:s0 -/dev/block/platform/soc.0/f9824900.sdhci/by-name/misc u:object_r:misc_block_device:s0 -/dev/block/platform/soc.0/f9824900.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 -/dev/block/platform/soc.0/f9824900.sdhci/by-name/boot u:object_r:boot_block_device:s0 -/dev/block/platform/soc.0/f9824900.sdhci/by-name/recovery u:object_r:recovery_block_device:s0 -/dev/block/platform/soc.0/f9824900.sdhci/by-name/cache u:object_r:cache_block_device:s0 -/dev/block/platform/soc.0/f9824900.sdhci/by-name/config u:object_r:frp_block_device:s0 -/dev/block/platform/soc.0/f9824900.sdhci/by-name/logdump u:object_r:logdump_partition:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/fsc u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/fsg u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/ssd u:object_r:ssd_device:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/misc u:object_r:misc_block_device:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/boot u:object_r:boot_block_device:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/recovery u:object_r:recovery_block_device:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/cache u:object_r:cache_block_device:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/config u:object_r:frp_block_device:s0 +/dev/block/platform/soc\.0/f9824900\.sdhci/by-name/logdump u:object_r:logdump_partition:s0 diff --git a/msm8996/file_contexts b/msm8996/file_contexts index 6c3e83bd..7a31eff0 100644 --- a/msm8996/file_contexts +++ b/msm8996/file_contexts @@ -33,50 +33,50 @@ /dev/block/mmcblk0 u:object_r:root_block_device:s0 # UFS devices -/dev/block/platform/soc/624000.ufshc/by-name/fsc u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/624000.ufshc/by-name/fsg u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/624000.ufshc/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/624000.ufshc/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/624000.ufshc/by-name/ssd u:object_r:ssd_device:s0 -/dev/block/platform/soc/624000.ufshc/by-name/misc u:object_r:misc_block_device:s0 -/dev/block/platform/soc/624000.ufshc/by-name/rpm u:object_r:rpmb_device:s0 -/dev/block/platform/soc/624000.ufshc/by-name/system u:object_r:system_block_device:s0 -/dev/block/platform/soc/624000.ufshc/by-name/userdata u:object_r:userdata_block_device:s0 -/dev/block/platform/soc/624000.ufshc/by-name/msadp u:object_r:mba_debug_dev:s0 -/dev/block/platform/soc/624000.ufshc/by-name/dip u:object_r:dip_device:s0 -/dev/block/platform/soc/624000.ufshc/by-name/mdtp u:object_r:mdtp_device:s0 -/dev/block/platform/soc/624000.ufshc/by-name/boot u:object_r:boot_block_device:s0 -/dev/block/platform/soc/624000.ufshc/by-name/recovery u:object_r:recovery_block_device:s0 -/dev/block/platform/soc/624000.ufshc/by-name/cache u:object_r:cache_block_device:s0 -/dev/block/platform/soc/624000.ufshc/by-name/frp u:object_r:frp_block_device:s0 -/dev/block/platform/soc/624000.ufshc/by-name/mdm1m9kefs1 u:object_r:efs_boot_dev:s0 -/dev/block/platform/soc/624000.ufshc/by-name/mdm1m9kefs2 u:object_r:efs_boot_dev:s0 -/dev/block/platform/soc/624000.ufshc/by-name/mdm1m9kefs3 u:object_r:efs_boot_dev:s0 -/dev/block/platform/soc/624000.ufshc/by-name/mdm1m9kefsc u:object_r:efs_boot_dev:s0 -/dev/block/platform/soc/624000.ufshc/by-name/logdump u:object_r:logdump_partition:s0 +/dev/block/platform/soc/624000\.ufshc/by-name/fsc u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/624000\.ufshc/by-name/fsg u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/624000\.ufshc/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/624000\.ufshc/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/624000\.ufshc/by-name/ssd u:object_r:ssd_device:s0 +/dev/block/platform/soc/624000\.ufshc/by-name/misc u:object_r:misc_block_device:s0 +/dev/block/platform/soc/624000\.ufshc/by-name/rpm u:object_r:rpmb_device:s0 +/dev/block/platform/soc/624000\.ufshc/by-name/system u:object_r:system_block_device:s0 +/dev/block/platform/soc/624000\.ufshc/by-name/userdata u:object_r:userdata_block_device:s0 +/dev/block/platform/soc/624000\.ufshc/by-name/msadp u:object_r:mba_debug_dev:s0 +/dev/block/platform/soc/624000\.ufshc/by-name/dip u:object_r:dip_device:s0 +/dev/block/platform/soc/624000\.ufshc/by-name/mdtp u:object_r:mdtp_device:s0 +/dev/block/platform/soc/624000\.ufshc/by-name/boot u:object_r:boot_block_device:s0 +/dev/block/platform/soc/624000\.ufshc/by-name/recovery u:object_r:recovery_block_device:s0 +/dev/block/platform/soc/624000\.ufshc/by-name/cache u:object_r:cache_block_device:s0 +/dev/block/platform/soc/624000\.ufshc/by-name/frp u:object_r:frp_block_device:s0 +/dev/block/platform/soc/624000\.ufshc/by-name/mdm1m9kefs1 u:object_r:efs_boot_dev:s0 +/dev/block/platform/soc/624000\.ufshc/by-name/mdm1m9kefs2 u:object_r:efs_boot_dev:s0 +/dev/block/platform/soc/624000\.ufshc/by-name/mdm1m9kefs3 u:object_r:efs_boot_dev:s0 +/dev/block/platform/soc/624000\.ufshc/by-name/mdm1m9kefsc u:object_r:efs_boot_dev:s0 +/dev/block/platform/soc/624000\.ufshc/by-name/logdump u:object_r:logdump_partition:s0 # eMMC devices -/dev/block/platform/soc/7464900.sdhci/by-name/fsc u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/7464900.sdhci/by-name/fsg u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/7464900.sdhci/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/7464900.sdhci/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/7464900.sdhci/by-name/ssd u:object_r:ssd_device:s0 -/dev/block/platform/soc/7464900.sdhci/by-name/misc u:object_r:misc_block_device:s0 -/dev/block/platform/soc/7464900.sdhci/by-name/rpm u:object_r:rpmb_device:s0 -/dev/block/platform/soc/7464900.sdhci/by-name/system u:object_r:system_block_device:s0 -/dev/block/platform/soc/7464900.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 -/dev/block/platform/soc/7464900.sdhci/by-name/msadp u:object_r:mba_debug_dev:s0 -/dev/block/platform/soc/7464900.sdhci/by-name/dip u:object_r:dip_device:s0 -/dev/block/platform/soc/7464900.sdhci/by-name/mdtp u:object_r:mdtp_device:s0 -/dev/block/platform/soc/7464900.sdhci/by-name/boot u:object_r:boot_block_device:s0 -/dev/block/platform/soc/7464900.sdhci/by-name/recovery u:object_r:recovery_block_device:s0 -/dev/block/platform/soc/7464900.sdhci/by-name/cache u:object_r:cache_block_device:s0 -/dev/block/platform/soc/7464900.sdhci/by-name/frp u:object_r:frp_block_device:s0 -/dev/block/platform/soc/7464900.sdhci/by-name/mdm1m9kefs1 u:object_r:efs_boot_dev:s0 -/dev/block/platform/soc/7464900.sdhci/by-name/mdm1m9kefs2 u:object_r:efs_boot_dev:s0 -/dev/block/platform/soc/7464900.sdhci/by-name/mdm1m9kefs3 u:object_r:efs_boot_dev:s0 -/dev/block/platform/soc/7464900.sdhci/by-name/mdm1m9kefsc u:object_r:efs_boot_dev:s0 -/dev/block/platform/soc/7464900.sdhci/by-name/logdump u:object_r:logdump_partition:s0 +/dev/block/platform/soc/7464900\.sdhci/by-name/fsc u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/7464900\.sdhci/by-name/fsg u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/7464900\.sdhci/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/7464900\.sdhci/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/7464900\.sdhci/by-name/ssd u:object_r:ssd_device:s0 +/dev/block/platform/soc/7464900\.sdhci/by-name/misc u:object_r:misc_block_device:s0 +/dev/block/platform/soc/7464900\.sdhci/by-name/rpm u:object_r:rpmb_device:s0 +/dev/block/platform/soc/7464900\.sdhci/by-name/system u:object_r:system_block_device:s0 +/dev/block/platform/soc/7464900\.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 +/dev/block/platform/soc/7464900\.sdhci/by-name/msadp u:object_r:mba_debug_dev:s0 +/dev/block/platform/soc/7464900\.sdhci/by-name/dip u:object_r:dip_device:s0 +/dev/block/platform/soc/7464900\.sdhci/by-name/mdtp u:object_r:mdtp_device:s0 +/dev/block/platform/soc/7464900\.sdhci/by-name/boot u:object_r:boot_block_device:s0 +/dev/block/platform/soc/7464900\.sdhci/by-name/recovery u:object_r:recovery_block_device:s0 +/dev/block/platform/soc/7464900\.sdhci/by-name/cache u:object_r:cache_block_device:s0 +/dev/block/platform/soc/7464900\.sdhci/by-name/frp u:object_r:frp_block_device:s0 +/dev/block/platform/soc/7464900\.sdhci/by-name/mdm1m9kefs1 u:object_r:efs_boot_dev:s0 +/dev/block/platform/soc/7464900\.sdhci/by-name/mdm1m9kefs2 u:object_r:efs_boot_dev:s0 +/dev/block/platform/soc/7464900\.sdhci/by-name/mdm1m9kefs3 u:object_r:efs_boot_dev:s0 +/dev/block/platform/soc/7464900\.sdhci/by-name/mdm1m9kefsc u:object_r:efs_boot_dev:s0 +/dev/block/platform/soc/7464900\.sdhci/by-name/logdump u:object_r:logdump_partition:s0 ################################### # Dev socket nodes @@ -96,7 +96,7 @@ # /sys/devices/virtual/graphics/fb([0-2])+/lineptr_value u:object_r:sysfs_graphics:s0 -/sys/devices/soc/b00000.qcom,kgsl-3d0/kgsl/kgsl-3d0/gpu_available_frequencies u:object_r:sysfs_kgsl:s0 +/sys/devices/soc/b00000\.qcom,kgsl-3d0/kgsl/kgsl-3d0/gpu_available_frequencies u:object_r:sysfs_kgsl:s0 ################################### # data files @@ -106,5 +106,5 @@ /data/misc/qvr(/.*)? u:object_r:qvrd_data_file:s0 #rawdump partition -/dev/block/platform/soc/7464900.sdhci/by-name/rawdump u:object_r:rawdump_block_device:s0 +/dev/block/platform/soc/7464900\.sdhci/by-name/rawdump u:object_r:rawdump_block_device:s0 /sys/kernel/dload/emmc_dload u:object_r:sysfs_emmc_dload:s0 diff --git a/msm8998/file_contexts b/msm8998/file_contexts index ae7ea032..05fc2c62 100644 --- a/msm8998/file_contexts +++ b/msm8998/file_contexts @@ -28,26 +28,26 @@ # Dev block nodes # UFS Devices -/dev/block/platform/soc/1da4000.ufshc/by-name/system u:object_r:system_block_device:s0 -/dev/block/platform/soc/1da4000.ufshc/by-name/userdata u:object_r:userdata_block_device:s0 -/dev/block/platform/soc/1da4000.ufshc/by-name/boot u:object_r:boot_block_device:s0 -/dev/block/platform/soc/1da4000.ufshc/by-name/logdump u:object_r:logdump_partition:s0 -/dev/block/platform/soc/1da4000.ufshc/by-name/fsc u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/1da4000.ufshc/by-name/fsg u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/1da4000.ufshc/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/1da4000.ufshc/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 -/dev/block/platform/soc/1da4000.ufshc/by-name/ssd u:object_r:ssd_device:s0 -/dev/block/platform/soc/1da4000.ufshc/by-name/misc u:object_r:misc_block_device:s0 -/dev/block/platform/soc/1da4000.ufshc/by-name/rpm u:object_r:rpmb_device:s0 -/dev/block/platform/soc/1da4000.ufshc/by-name/msadp u:object_r:mba_debug_dev:s0 -/dev/block/platform/soc/1da4000.ufshc/by-name/recovery u:object_r:recovery_block_device:s0 -/dev/block/platform/soc/1da4000.ufshc/by-name/cache u:object_r:cache_block_device:s0 -/dev/block/platform/soc/1da4000.ufshc/by-name/frp u:object_r:frp_block_device:s0 -/dev/block/platform/soc/1da4000.ufshc/by-name/mdtp u:object_r:mdtp_device:s0 -/dev/block/platform/soc/1da4000.ufshc/by-name/dip u:object_r:dip_device:s0 +/dev/block/platform/soc/1da4000\.ufshc/by-name/system u:object_r:system_block_device:s0 +/dev/block/platform/soc/1da4000\.ufshc/by-name/userdata u:object_r:userdata_block_device:s0 +/dev/block/platform/soc/1da4000\.ufshc/by-name/boot u:object_r:boot_block_device:s0 +/dev/block/platform/soc/1da4000\.ufshc/by-name/logdump u:object_r:logdump_partition:s0 +/dev/block/platform/soc/1da4000\.ufshc/by-name/fsc u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/1da4000\.ufshc/by-name/fsg u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/1da4000\.ufshc/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/1da4000\.ufshc/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 +/dev/block/platform/soc/1da4000\.ufshc/by-name/ssd u:object_r:ssd_device:s0 +/dev/block/platform/soc/1da4000\.ufshc/by-name/misc u:object_r:misc_block_device:s0 +/dev/block/platform/soc/1da4000\.ufshc/by-name/rpm u:object_r:rpmb_device:s0 +/dev/block/platform/soc/1da4000\.ufshc/by-name/msadp u:object_r:mba_debug_dev:s0 +/dev/block/platform/soc/1da4000\.ufshc/by-name/recovery u:object_r:recovery_block_device:s0 +/dev/block/platform/soc/1da4000\.ufshc/by-name/cache u:object_r:cache_block_device:s0 +/dev/block/platform/soc/1da4000\.ufshc/by-name/frp u:object_r:frp_block_device:s0 +/dev/block/platform/soc/1da4000\.ufshc/by-name/mdtp u:object_r:mdtp_device:s0 +/dev/block/platform/soc/1da4000\.ufshc/by-name/dip u:object_r:dip_device:s0 #rawdump partition -/dev/block/platform/soc/1da4000.ufshc/by-name/rawdump u:object_r:rawdump_block_device:s0 +/dev/block/platform/soc/1da4000\.ufshc/by-name/rawdump u:object_r:rawdump_block_device:s0 /sys/kernel/dload/emmc_dload u:object_r:sysfs_emmc_dload:s0 ################################### diff --git a/sepolicy.mk b/sepolicy.mk new file mode 100644 index 00000000..37168769 --- /dev/null +++ b/sepolicy.mk @@ -0,0 +1,9 @@ +# Board specific SELinux policy variable definitions +BOARD_SEPOLICY_DIRS := \ + $(BOARD_SEPOLICY_DIRS) \ + device/qcom/sepolicy \ + device/qcom/sepolicy/common \ + device/qcom/sepolicy/test \ + device/qcom/sepolicy/$(TARGET_BOARD_PLATFORM) + +-include vendor/cm/sepolicy/qcom/sepolicy.mk diff --git a/test/file_contexts b/test/file_contexts index 9a44684a..9a44684a 100755..100644 --- a/test/file_contexts +++ b/test/file_contexts diff --git a/test/qti-testscripts.te b/test/qti-testscripts.te index 4d3eadfd..d8f20eab 100644 --- a/test/qti-testscripts.te +++ b/test/qti-testscripts.te @@ -26,7 +26,9 @@ # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. userdebug_or_eng(` - type qti-testscripts, domain, domain_deprecated, mlstrustedsubject; + # forward declaration is done in system/sepolicy to avoid neverallow issues + + # type qti-testscripts, domain, domain_deprecated, mlstrustedsubject; permissive qti-testscripts; domain_trans(init, shell_exec, qti-testscripts) |