blob: 091307522a5b560656e00d5b64e04fd17c9397ab (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
type qmuxd, domain;
type qmuxd_exec, exec_type, vendor_file_type, file_type;
net_domain(qmuxd)
init_daemon_domain(qmuxd)
userdebug_or_eng(`
domain_auto_trans(shell, qmuxd_exec, qmuxd)
#domain_auto_trans(adbd, qmuxd_exec, qmuxd)
')
#Allow qmuxd to operate on various qmux device sockets
#allow qmuxd qmux_radio_socket:dir { write add_name remove_name search };
#allow qmuxd qmux_radio_socket:sock_file { create setattr getattr write unlink };
#allow qmuxd qmux_audio_socket:dir { write add_name remove_name search };
#allow qmuxd qmux_audio_socket:sock_file { create setattr getattr write unlink };
#allow qmuxd qmux_gps_socket:dir { write add_name remove_name search };
#allow qmuxd qmux_gps_socket:sock_file { create setattr getattr write unlink };
#allow qmuxd qmux_bluetooth_socket:dir { write add_name remove_name search };
#allow qmuxd qmux_bluetooth_socket:sock_file { create setattr getattr write unlink };
qmux_socket(qmuxd);
#Allow logging
allow qmuxd {
#Allow operation in platform specific transports
smd_device
hsic_device
mhi_device
smem_log_device
}:chr_file rw_file_perms;
#Allow qmuxd to operate in platform specific transports
allow qmuxd {
sysfs_smd_open_timeout
#Allow qmuxd to write in hsic specific transport
sysfs
sysfs_hsic_modem_wait
}:file w_file_perms;
allow qmuxd self:capability { setuid setgid setpcap dac_override };
#Allow qmuxd to have the CAP_BLOCK_SUSPEND capability
wakelock_use(qmuxd)
r_dir_file(qmuxd, sysfs_esoc)
r_dir_file(qmuxd, sysfs_ssr);
allow qmuxd mhi_device:chr_file rw_file_perms;
#Allow qmuxd to access to IPC router
allow qmuxd smem_log_device:chr_file rw_file_perms;
allow qmuxd qmuxd:socket create_socket_perms_no_ioctl;
|
