diff options
| -rw-r--r-- | sepolicy/file.te | 2 | ||||
| -rw-r--r-- | sepolicy/file_contexts | 4 | ||||
| -rw-r--r-- | sepolicy/netmgrd.te | 7 | ||||
| -rw-r--r-- | sepolicy/readmac.te | 1 | ||||
| -rw-r--r-- | sepolicy/thermal-engine.te | 6 |
5 files changed, 16 insertions, 4 deletions
diff --git a/sepolicy/file.te b/sepolicy/file.te index 4569d6b..27942cb 100644 --- a/sepolicy/file.te +++ b/sepolicy/file.te @@ -7,3 +7,5 @@ type nv_data_file, file_type; type proc_stat, fs_type; type debugfs_msm_core, debugfs_type, fs_type; type debugfs_rmts, debugfs_type, fs_type; +type thermal_data_file, file_type; +type netmgrd_data_file, file_type; diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index 65154cf..c1dd5ed 100644 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -29,3 +29,7 @@ /system/bin/ifaadaemon u:object_r:ifaadaemon_exec:s0 /system/bin/readmac u:object_r:readmac_exec:s0 + +# Data files +/data/decrypt.txt u:object_r:thermal_data_file:s0 +/data/misc/netmgr/log.txt u:object_r:netmgrd_data_file:s0 diff --git a/sepolicy/netmgrd.te b/sepolicy/netmgrd.te index e0f453a..ab1140f 100644 --- a/sepolicy/netmgrd.te +++ b/sepolicy/netmgrd.te @@ -1,2 +1,5 @@ -allow netmgrd diag_prop:property_service set; -get_prop(netmgrd, diag_prop); +type_transition netmgrd system_data_file:file netmgrd_data_file "log.txt"; + +allow netmgrd self:capability dac_override; +allow netmgrd netmgrd_data_file:file rw_file_perms; + diff --git a/sepolicy/readmac.te b/sepolicy/readmac.te index adb739e..23e5e9b 100644 --- a/sepolicy/readmac.te +++ b/sepolicy/readmac.te @@ -15,3 +15,4 @@ allow readmac self:capability dac_override; allow readmac self:socket create_socket_perms; allow readmac diag_device:chr_file rw_file_perms; +allow readmac sysfs:file r_file_perms; diff --git a/sepolicy/thermal-engine.te b/sepolicy/thermal-engine.te index 3754b93..596fb92 100644 --- a/sepolicy/thermal-engine.te +++ b/sepolicy/thermal-engine.te @@ -1,3 +1,5 @@ -set_prop(thermal-engine, diag_prop) -allow thermal-engine sysfs_batteryinfo:file r_file_perms; +type_transition thermal-engine system_data_file:file thermal_data_file "decrypt.txt"; + allow thermal-engine sysfs_kgsl:file r_file_perms; +allow thermal-engine system_data_file:dir w_dir_perms; +allow thermal-engine thermal_data_file:file create_file_perms; |