Commit 64f94833 authored by TARKZiM's avatar TARKZiM Committed by Bernhard Thoben
Browse files

kitakami-common: sepolicy: Address more denials

parent f4ed419b
......@@ -14,3 +14,4 @@ allow cameraserver sysfs_graphics:file { getattr open read };
allow cameraserver init:unix_dgram_socket sendto;
allow cameraserver qcamerasvr:unix_dgram_socket sendto;
allow cameraserver qcamerasvr:unix_stream_socket connectto;
allow cameraserver secd:unix_stream_socket connectto;
allow flags_health_check alarm_boot_prop:file { getattr open };
allow flags_health_check alarm_handled_prop:file { getattr open };
allow flags_health_check crash_prop:file { getattr open };
allow flags_health_check ctl_LKCore_prop:file { getattr open };
allow flags_health_check ctl_adbd_prop:file { getattr open };
allow flags_health_check ctl_interface_start_prop:file { getattr open };
allow flags_health_check ctl_interface_stop_prop:file open;
allow flags_health_check ctl_vendor_wigigsvc_prop:file open;
allow flags_health_check qemu_gles_prop:file getattr;
allow flags_health_check qti_prop:file open;
allow flags_health_check scr_enabled_prop:file getattr;
allow flags_health_check sdm_idle_time_prop:file { getattr open };
allow flags_health_check sensors_prop:file { getattr open };
allow flags_health_check serialno_prop:file { getattr open };
allow flags_health_check spcomlib_prop:file { getattr open };
allow flags_health_check sys_usb_configfs_prop:file { getattr open };
allow flags_health_check sys_usb_controller_prop:file { getattr open };
allow flags_health_check sys_usb_tethering_prop:file { getattr open };
allow flags_health_check system_boot_reason_prop:file { getattr open };
allow flags_health_check system_lmk_prop:file { getattr open };
allow flags_health_check test_boot_reason_prop:file { getattr open };
allow flags_health_check alarm_instance_prop:file { getattr open };
allow flags_health_check apexd_prop:file { getattr open };
allow flags_health_check bg_boot_complete_prop:file { getattr open };
allow fsck_untrusted vold_device:blk_file ioctl;
allow priv_app device:dir open;
allow priv_app proc_interrupts:file open;
allow priv_app alarm_boot_prop:file open;
allow priv_app alarm_instance_prop:file getattr;
allow priv_app proc:file open;
allow priv_app sysfs_android_usb:file open;
allow shell alarm_boot_prop:file { getattr open };
allow shell alarm_handled_prop:file { getattr open };
allow shell alarm_instance_prop:file { getattr open };
allow shell apexd_prop:file { getattr open };
allow shell bg_boot_complete_prop:file { getattr open };
allow shell bg_daemon_prop:file { getattr open };
allow shell bluetooth_prop:file { getattr open };
allow shell boot_animation_prop:file { getattr open };
allow shell boot_mode_prop:file { getattr open };
allow shell boottime_prop:file { getattr open };
allow shell bpf_progs_loaded_prop:file { getattr open };
allow shell coresight_prop:file { getattr open };
allow shell crash_prop:file { getattr open };
allow shell ctl_LKCore_prop:file { getattr open };
allow shell ctl_adbd_prop:file { getattr open };
allow shell ctl_bootanim_prop:file { getattr open read };
allow shell ctl_console_prop:file { getattr open };
allow shell ctl_default_prop:file { getattr open };
allow shell ctl_fuse_prop:file { getattr open };
allow shell ctl_hbtp_prop:file { getattr open };
allow shell ctl_interface_restart_prop:file { getattr open };
allow shell ctl_interface_start_prop:file { getattr open };
allow shell ctl_interface_stop_prop:file { getattr open };
allow shell ctl_mdnsd_prop:file { getattr open };
allow shell ctl_netmgrd_prop:file { getattr open };
allow shell ctl_port-bridge_prop:file { getattr open };
allow shell ctl_qmuxd_prop:file { getattr open };
allow shell ctl_restart_prop:file { getattr open };
allow shell ctl_rildaemon_prop:file { getattr open };
allow shell ctl_sigstop_prop:file { getattr open };
allow shell ctl_start_prop:file { getattr open };
allow shell ctl_stop_prop:file { getattr open };
allow shell ctl_vendor_imsrcsservice_prop:file { getattr open };
allow shell ctl_vendor_wigigsvc_prop:file { getattr open };
allow shell device_config_activity_manager_native_boot_prop:file { getattr open };
allow shell device_config_boot_count_prop:file { getattr open };
allow shell device_config_input_native_boot_prop:file { getattr open };
allow shell device_config_media_native_prop:file { getattr open };
allow shell device_config_netd_native_prop:file { getattr open };
allow shell device_config_reset_performed_prop:file { getattr open };
allow shell device_config_runtime_native_boot_prop:file { getattr open };
allow shell device_config_runtime_native_prop:file { getattr open };
allow shell diag_mdlog_prop:file { getattr open };
allow shell dolby_prop:file { getattr open };
allow shell dumpstate_options_prop:file { getattr open };
allow shell firstboot_prop:file { getattr open };
allow shell fm_prop:file { getattr open };
allow shell freq_prop:file { getattr open };
allow shell fst_prop:file { getattr open };
allow shell gamed_prop:file { getattr open };
allow shell gsid_prop:file { getattr open };
allow shell ipacm-diag_prop:file { getattr open };
allow shell ipacm_prop:file { getattr open };
allow shell llkd_prop:file { getattr open };
allow shell location_prop:file { getattr open };
allow shell lowpan_prop:file { getattr open };
allow shell mdm_helper_prop:file { getattr open };
allow shell mmc_prop:file { getattr open };
allow shell mmi_prop:file { getattr open };
allow shell mpdecision_prop:file { getattr open };
allow shell msm_irqbalance_prop:file { getattr open };
allow shell msm_irqbl_sdm630_prop:file { getattr open };
allow shell net_dns_prop:file { getattr open };
allow shell netd_prop:file { getattr open };
allow shell netd_stable_secret_prop:file { getattr open };
allow shell nfc_nq_prop:file { getattr open };
allow shell opengles_prop:file { getattr open };
allow shell overlay_prop:file { getattr open };
allow shell per_mgr_state_prop:file { getattr open };
allow shell perfd_prop:file { getattr open };
allow shell persistent_properties_ready_prop:file { getattr open };
allow shell postprocessing_prop:file { getattr open };
allow shell ppd_prop:file { getattr open };
allow shell qcom_ims_prop:file { getattr open };
allow shell qdma_prop:file { getattr open };
allow shell qemu_gles_prop:file { getattr open };
allow shell qti_prop:file { getattr open };
allow shell rmnet_mux_prop:file { getattr open };
allow shell safemode_prop:file { getattr open };
allow shell scr_enabled_prop:file { getattr open };
allow shell sdm_idle_time_prop:file { getattr open };
allow shell sensors_prop:file { getattr open };
allow shell spcomlib_prop:file { getattr open };
allow shell sys_usb_configfs_prop:file { getattr open };
allow shell sys_usb_controller_prop:file { getattr open };
allow shell sys_usb_tethering_prop:file { getattr open };
allow shell system_lmk_prop:file { getattr open };
allow shell system_trace_prop:file { getattr open };
allow shell ta_prop:file { getattr open };
allow shell tee_prop:file { getattr open };
allow shell test_boot_reason_prop:file { getattr open };
allow shell theme_prop:file { getattr open };
allow shell time_prop:file { getattr open };
allow shell timekeep_prop:file { getattr open };
allow shell traced_lazy_prop:file { getattr open };
allow shell uicc_prop:file { getattr open };
allow shell usf_prop:file { getattr open };
allow shell vendor_mpctl_prop:file { getattr open };
allow shell vendor_rild_libpath_prop:file { getattr open };
allow shell vendor_system_prop:file { getattr open };
allow shell vendor_wifi_prop:file { getattr open };
allow shell vendor_wifi_version:file { getattr open };
allow shell vm_bms_prop:file { getattr open };
allow shell wifi_prop:file { getattr open };
allow shell wififtmd_prop:file { getattr open };
allow shell wigig_prop:file { getattr open };
allow shell xlat_prop:file { getattr open };
......@@ -13,3 +13,4 @@ allow system_server sensors_socket:sock_file write;
allow system_server unlabeled:file unlink;
allow system_server default_android_service:service_manager find;
allow system_server init:binder { call transfer };
allow system_server exfat:dir rw_dir_perms;
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment