msm8996-common: Initial sepolicy

* Lots of parts are from the old one so thanks to everyone who contributed to that one * Still it doesn't boot in enforcing though Signed-off-by: dd3boh <dade.garberi@gmail.com>
author: dd3boh <dade.garberi@gmail.com> 2017-11-03 19:48:41 +0100
committer: dd3boh <dade.garberi@gmail.com> 2017-11-04 23:28:42 +0100
commit: de5ba527af64c2ae715c2487119a27501d85cc09 (patch)
tree: 45ea99f9bf7ad60e635dc400d17a15f2dcbfffbc /sepolicy/readmac.te
parent: 64dac7dc7bf956e3394fd88c87e2c614411c0c3f (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/sepolicy/readmac.te b/sepolicy/readmac.te
new file mode 100644
index 0000000..2a326e0
--- /dev/null
+++ b/sepolicy/readmac.te
@@ -0,0 +1,18 @@
+type readmac, domain;
+type readmac_exec, exec_type, file_type;
+
+# Allow for transition from init domain to readmac
+init_daemon_domain(readmac)
+
+# Allow readmac to communicate with qmuxd via qmux_radio socket
+qmux_socket(readmac)
+
+# Allow readmac to fully access wlan_mac.bin persist file
+allow readmac persist_file:dir rw_dir_perms;
+allow readmac persist_file:file create_file_perms;
+
+allow readmac self:capability dac_override;
+allow readmac self:socket create_socket_perms_no_ioctl;
+
+allow readmac diag_device:chr_file rw_file_perms;
+allow readmac sysfs:file r_file_perms;
author	dd3boh <dade.garberi@gmail.com>	2017-11-03 19:48:41 +0100
committer	dd3boh <dade.garberi@gmail.com>	2017-11-04 23:28:42 +0100
commit	de5ba527af64c2ae715c2487119a27501d85cc09 (patch)
tree	45ea99f9bf7ad60e635dc400d17a15f2dcbfffbc /sepolicy/readmac.te
parent	64dac7dc7bf956e3394fd88c87e2c614411c0c3f (diff)