-
Notifications
You must be signed in to change notification settings - Fork 3
/
system_app.te
32 lines (24 loc) · 1.16 KB
/
system_app.te
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
allow system_app surfaceflinger_tmpfs:file { read write };
allow system_app log_file:dir create_dir_perms;
allow system_app log_file:file create_file_perms;
allow system_app log_file:filesystem getattr;
allow system_app {
sysfs_devices_system_cpu
sysfs_thermal_file
}:file rw_file_perms;
# XXX: Possible removal for M
dontaudit system_app debugfs:file read;
# setprop ctl.logconfig
allow system_app ctl_logconfig_prop:property_service set;
# ITUX app needs to access thermal data files and sysfs
allow system_app itux_data_file:dir create_dir_perms;
allow system_app itux_data_file:file create_file_perms;
allow system_app thermal_device:chr_file rw_file_perms;
allow system_app sysfs_devices_system_cpu:file rw_file_perms;
allow system_app sysfs_powercap:{ file lnk_file } rw_file_perms;
allow system_app sysfs_powercap:dir {read open search };
allow system_app sysfs_thermal_management:{ file lnk_file } rw_file_perms;
allow system_app sysfs_thermal_management:dir {read open search };
allow system_app self:netlink_kobject_uevent_socket { read create setopt bind };
allow system_app powerctl_prop:property_service set;
allow system_app cam_flash_thrtl_prop:property_service set;