Merge "Added SE-Policy rules for usbudev on Vendor-14"
This commit is contained in:
commit
9c9ec91a94
2 changed files with 17 additions and 0 deletions
|
@ -69,6 +69,7 @@
|
||||||
/(system_ext|system/system_ext)/bin/qxrsplitauxservice u:object_r:vendor_sys_sxrauxd_exec:s0
|
/(system_ext|system/system_ext)/bin/qxrsplitauxservice u:object_r:vendor_sys_sxrauxd_exec:s0
|
||||||
/(system_ext|system/system_ext)/bin/qsguard u:object_r:qsguard_exec:s0
|
/(system_ext|system/system_ext)/bin/qsguard u:object_r:qsguard_exec:s0
|
||||||
/system_ext/bin/virtual_keyboard u:object_r:vendor_virtual_keyboard_exec:s0
|
/system_ext/bin/virtual_keyboard u:object_r:vendor_virtual_keyboard_exec:s0
|
||||||
|
/system_ext/bin/usbudev u:object_r:vendor_usbudev_qti_exec:s0
|
||||||
|
|
||||||
####### data files ################
|
####### data files ################
|
||||||
/data/dpm(/.*)? u:object_r:vendor_dpmd_data_file:s0
|
/data/dpm(/.*)? u:object_r:vendor_dpmd_data_file:s0
|
||||||
|
|
16
generic/private/usbudev.te
Normal file
16
generic/private/usbudev.te
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
# Copyright (c) 2024 Qualcomm Innovation Center, Inc. All rights reserved.
|
||||||
|
# SPDX-License-Identifier: BSD-3-Clause-Clear
|
||||||
|
|
||||||
|
#============= vendor_usbudev_qti ==============
|
||||||
|
type vendor_usbudev_qti, domain, coredomain;
|
||||||
|
type vendor_usbudev_qti_exec, system_file_type, exec_type, file_type;
|
||||||
|
|
||||||
|
init_daemon_domain(vendor_usbudev_qti)
|
||||||
|
allow vendor_usbudev_qti self:netlink_kobject_uevent_socket { bind create getopt read setopt };
|
||||||
|
allow vendor_usbudev_qti toolbox_exec:file rx_file_perms;
|
||||||
|
allow vendor_usbudev_qti self:capability net_admin;
|
||||||
|
allow vendor_usbudev_qti self:netlink_route_socket { bind create getattr setopt nlmsg_write read write };
|
||||||
|
allow vendor_usbudev_qti self:udp_socket {create_socket_perms};
|
||||||
|
allowxperm vendor_usbudev_qti self:udp_socket ioctl { SIOCSIFFLAGS SIOCSIFADDR SIOCSIFNETMASK };
|
||||||
|
allow vendor_usbudev_qti shell_exec:file { rx_file_perms };
|
||||||
|
allow vendor_usbudev_qti system_file:file execute_no_trans;
|
Loading…
Reference in a new issue