blob: 22617da59e116273a0a32eac8c4a1f4ac1573cf3 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
allow priv_app adsprpcd_file:filesystem getattr;
allow priv_app asec_apk_file:dir r_dir_perms;
allow priv_app bt_firmware_file:dir r_dir_perms;
allow priv_app cache_private_backup_file:dir r_dir_perms;
allow priv_app cgroup:dir r_dir_perms;
allow priv_app configfs:dir r_dir_perms;
allow priv_app configfs:file r_file_perms;
allow priv_app file_contexts_file:file r_file_perms;
allow priv_app firmware_file:dir r_file_perms;
allow priv_app hal_memtrack_hwservice:hwservice_manager find;
allow priv_app hwservice_contexts_file:file r_file_perms;
allow priv_app keylayout_file:dir r_file_perms;
allow priv_app mac_perms_file:file r_file_perms;
allow priv_app mnt_media_rw_file:dir r_dir_perms;
allow priv_app nonplat_service_contexts_file:file r_file_perms;
allow priv_app proc_stat:file r_file_perms;
allow priv_app radio_data_file:dir r_dir_perms;
allow priv_app seapp_contexts_file:file r_file_perms;
allow priv_app sepolicy_file:file r_file_perms;
allow priv_app service_contexts_file:file r_file_perms;
allow priv_app vendor_file:file rx_file_perms;
allow priv_app vndservice_contexts_file:file r_file_perms;
allow priv_app proc_interrupts:file r_file_perms;
allow priv_app proc_modules:file r_file_perms;
allow priv_app proc:file r_file_perms;
allow priv_app device:dir open;
r_dir_file(priv_app, sysfs_type);
binder_call(priv_app, hal_memtrack_default);
# Clean up logspam
dontaudit priv_app device:dir read;
dontaudit priv_app proc_interrupts:file read;
dontaudit priv_app proc_modules:file read;
|
