27a8c002ce
Example:
I auditd : type=1400 audit(0.0:18): avc: denied { open } for comm="vendor.qti.hard" path="/sys/devices/platform/soc/990000.i2c/i2c-1/1-005a/leds/vibrator/activate" dev="sysfs" ino=93558 scontext=u:r:hal_vibrator_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file
Change-Id: Iea46e718f4e2c1ed3b3037dcfecb4536fd47ef2d
26 lines
664 B
Plaintext
26 lines
664 B
Plaintext
# Super modem mounting
|
|
allow fsg_file self:filesystem associate;
|
|
allow init fsg_file:dir mounton;
|
|
allow init fsg_file:filesystem { getattr mount relabelfrom unmount };
|
|
allow init firmware_file:filesystem unmount;
|
|
|
|
# Allow init to access loop devices
|
|
allow init loop_device:blk_file { create setattr unlink };
|
|
allowxperm init loop_device:blk_file ioctl {
|
|
LOOP_GET_STATUS64
|
|
LOOP_GET_STATUS
|
|
LOOP_SET_STATUS64
|
|
LOOP_SET_STATUS
|
|
BLKFLSBUF
|
|
};
|
|
|
|
# Product persist
|
|
allow init mnt_product_file:dir mounton;
|
|
|
|
recovery_only(`
|
|
allow init self:capability sys_module;
|
|
allow init rootfs:system module_load;
|
|
')
|
|
|
|
allow init vendor_sysfs_vibrator:file create_file_perms;
|