blob: f043becc14d317e5940a26e14b360abe16783150 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
# rmt_storage - rmt_storage daemon
type rmt_storage, domain, domain_deprecated;
type rmt_storage_exec, exec_type, file_type;
init_daemon_domain(rmt_storage)
allow rmt_storage {
modem_efs_partition_device
root_block_device
ssd_device
}:blk_file rw_file_perms;
allow rmt_storage block_device:dir r_dir_perms;
allow rmt_storage cgroup:dir create_dir_perms;
allow rmt_storage { smem_log_device uio_device }:chr_file rw_file_perms;
# sys_admin is needed for ioprio_set
allow rmt_storage self:capability {
setuid
setgid
sys_admin
dac_override
net_bind_service
net_raw
setpcap
};
#For set the ctl properties
unix_socket_connect(rmt_storage, property, init)
allow rmt_storage ctl_default_prop:property_service set;
#For Wakelocks
wakelock_use(rmt_storage)
allow rmt_storage self:socket create_socket_perms;
allow rmt_storage uio_device:chr_file rw_file_perms;
#For access to the kmsg device
allow rmt_storage kmsg_device:chr_file w_file_perms;
#debugfs access
userdebug_or_eng(`
typeattribute rmt_storage qti_debugfs_domain;
allow rmt_storage debugfs:dir r_dir_perms;
allow rmt_storage debugfs:file rw_file_perms;
')
|