target/board/generic/BoardConfig.mk +5 −0 Original line number Diff line number Diff line Loading @@ -82,6 +82,11 @@ BOARD_SEPOLICY_UNION += \ domain.te \ file.te \ file_contexts \ goldfish_setup.te \ goldfish_logcat.te \ property.te \ property_contexts \ qemu_props.te \ qemud.te \ rild.te \ shell.te \ Loading
target/board/generic/sepolicy/file_contexts +2 −0 Original line number Diff line number Diff line Loading @@ -2,3 +2,5 @@ /dev/socket/qemud u:object_r:qemud_socket:s0 /system/bin/qemud u:object_r:qemud_exec:s0 /sys/qemu_trace(/.*)? -- u:object_r:sysfs_writable:s0 /system/etc/init.goldfish.sh u:object_r:goldfish_setup_exec:s0 /system/bin/qemu-props u:object_r:qemu_props_exec:s0
target/board/generic/sepolicy/goldfish_logcat.te 0 → 100644 +11 −0 Original line number Diff line number Diff line # goldfish-logcat service: runs logcat -Q type goldfish_logcat, domain; permissive_or_unconfined(goldfish_logcat) domain_auto_trans(init, logcat_exec, goldfish_logcat) # Read from logd. read_logd(goldfish_logcat) # Write to /dev/ttyS2 allow goldfish_logcat serial_device:chr_file { write open };
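Review bot: The `domain_auto_trans(init, logcat_exec, goldfish_logcat)` rule is keyed on the executable's type, so every logcat that init starts enters goldfish_logcat, not only the goldfish-logcat service named in the header comment. Likewise the final allow rule covers every node labelled `serial_device`, while its comment names only /dev/ttyS2. Both may be acceptable on the emulator board, but the file should say so, e.g. `# Any logcat exec'd by init lands in this domain; write access covers all serial_device nodes, not only ttyS2.` Since the domain is declared with `permissive_or_unconfined`, these allow rules are presumably not yet what constrains it, so the change that drops that macro is the place to narrow them.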
target/board/generic/sepolicy/goldfish_setup.te 0 → 100644 +19 −0 Original line number Diff line number Diff line # goldfish-setup service: runs init.goldfish.sh script type goldfish_setup, domain; type goldfish_setup_exec, exec_type, file_type; permissive_or_unconfined(goldfish_setup) init_daemon_domain(goldfish_setup) # Inherit open file to shell (interpreter) for script. allow goldfish_setup shell_exec:file read; # Run ifconfig, route commands to configure interfaces and routes. allow goldfish_setup system_file:file execute_no_trans; allow goldfish_setup self:capability { net_admin net_raw }; allow goldfish_setup self:udp_socket create_socket_perms; # Set net.eth0.dns*, debug.sf.nobootanimation unix_socket_connect(goldfish_setup, property, init) allow goldfish_setup system_prop:property_service set; allow goldfish_setup debug_prop:property_service set;
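Review bot: The two `property_service set` rules at the end of the file grant more than the comment above them states: `system_prop` and `debug_prop` are whole property classes, so the setup script may set any property carrying those labels, not just net.eth0.dns* and debug.sf.nobootanimation. If property_contexts (not shown in this section) can give those keys a dedicated type, the rules could target that type instead. Otherwise the comment should state the real scope, e.g. `# Grants set on all system_prop and debug_prop properties; only net.eth0.dns* and debug.sf.nobootanimation are needed.` The same breadth applies to `system_file:file execute_no_trans`, which lets the script run any system_file binary inside this domain with net_admin and net_raw, although the comment names only ifconfig and route.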
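--- a/target/board/generic/sepolicy/property.te
+++ b/target/board/generic/sepolicy/property.te
@@ -0,0 +1 @@
+type qemu_prop, property_type;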