Evolution-x-devices/device_xiaomi_sm6150-common
2
0
Fork 0
mirror of https://github.com/Evolution-X-Devices/device_xiaomi_sm6150-common synced 2026-01-27 12:07:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

sm6150-common: sepolicy: Address/Silence some denials

Browse Source 
Change-Id: I528e7e7b1c7483ce1829605ce0ffafdf62228761
Signed-off-by: therealmharc <therealmharc@gmail.com>
This commit is contained in:
Yumi Yukimura
2025-02-13 16:56:49 +08:00
committed by therealmharc
parent 7424384eb3
commit d4b25497ed
8 changed files with 15 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
sepolicy/vendor/hal_camera_default.te vendored
View File

@@ -4,6 +4,7 @@ hal_client_domain(hal_camera_default, hal_power)
allow hal_camera_default proc_meminfo:file r_file_perms; allow hal_camera_default proc_meminfo:file r_file_perms;
r_dir_file(hal_camera_default, sysfs_leds)
r_dir_file(hal_camera_default, vendor_sysfs_kgsl) r_dir_file(hal_camera_default, vendor_sysfs_kgsl)
r_dir_file(hal_camera_default, vendor_persist_camera_file) r_dir_file(hal_camera_default, vendor_persist_camera_file)
r_dir_file(hal_camera_default, mnt_vendor_file) r_dir_file(hal_camera_default, mnt_vendor_file)

1
sepolicy/vendor/hal_wifi_default.te vendored Normal file
View File

@@ -0,0 +1 @@
allow hal_wifi_default self:capability sys_module;

2
sepolicy/vendor/kernel.te vendored
View File

@@ -1 +1,3 @@
allow kernel per_boot_file:file r_file_perms; allow kernel per_boot_file:file r_file_perms;
dontaudit kernel mnt_vendor_file:dir search;

3
sepolicy/vendor/property.te vendored
View File

@@ -1,2 +1,5 @@
# Ultrasound # Ultrasound
vendor_public_prop(elliptic_ultrasound_prop) vendor_public_prop(elliptic_ultrasound_prop)
# WiFi
vendor_internal_prop(vendor_wcnss_service_prop)

3
sepolicy/vendor/property_contexts vendored
View File

@@ -18,5 +18,8 @@ ro.vendor.oem.sno u:object_r:vendor_sno_prop:s0
persist.vendor.radio.imei u:object_r:vendor_deviceid_prop:s0 persist.vendor.radio.imei u:object_r:vendor_deviceid_prop:s0
persist.vendor.radio.meid u:object_r:vendor_deviceid_prop:s0 persist.vendor.radio.meid u:object_r:vendor_deviceid_prop:s0
# WiFi
persist.vendor.cnss-daemon. u:object_r:vendor_wcnss_service_prop:s0
# Xiaomi thermal daemon # Xiaomi thermal daemon
vendor.sys.thermal. u:object_r:vendor_thermal_normal_prop:s0 vendor.sys.thermal. u:object_r:vendor_thermal_normal_prop:s0

1
sepolicy/vendor/toolbox.te vendored
View File

@@ -1,2 +1,3 @@
allow toolbox per_boot_file:dir create_dir_perms; allow toolbox per_boot_file:dir create_dir_perms;
allow toolbox per_boot_file:file create_file_perms; allow toolbox per_boot_file:file create_file_perms;
allow toolbox self:capability kill;

2
sepolicy/vendor/vendor_thermal-engine.te vendored Normal file
View File

@@ -0,0 +1,2 @@
r_dir_file(vendor_thermal-engine, thermal_data_file)
set_prop(vendor_thermal-engine, vendor_thermal_normal_prop)

2
sepolicy/vendor/vendor_wcnss_service.te vendored Normal file
View File

@@ -0,0 +1,2 @@
set_prop(vendor_wcnss_service, vendor_radio_prop)
set_prop(vendor_wcnss_service, vendor_wcnss_service_prop)