MiPad4/android_device_xiaomi_sdm660-common
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sdm660-common: sepolicy: address or dontaudit some untrusted_app denials

Browse source 
Signed-off-by: drkphnx <dark.phnx12@gmail.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
This commit is contained in:
drkphnx 2022-06-11 10:35:23 +05:30 committed by pix106
parent 6ec5654a34
commit b9d8296f0e
1 changed files with 28 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
sepolicy/vendor/untrusted_app.te vendored
View file

@ -3,3 +3,31 @@ allow untrusted_app_25 zygote:unix_stream_socket getopt;
allow untrusted_app_27 zygote:unix_stream_socket getopt;
allow untrusted_app_29 zygote:unix_stream_socket getopt;
allow untrusted_app_30 zygote:unix_stream_socket getopt;
# dontaudit
dontaudit untrusted_app proc_zoneinfo: file { read };
dontaudit untrusted_app system_lib_file:file { execmod };
dontaudit untrusted_app proc_version:file { read };
dontaudit untrusted_app proc_net_tcp_udp:file { read };
dontaudit untrusted_app selinuxfs:file { read };
dontaudit untrusted_app serialno_prop:file { read };
dontaudit untrusted_app app_data_file:file { execute execute_no_trans };
dontaudit untrusted_app mnt_vendor_file:dir { search };
dontaudit untrusted_app proc:file { read };
dontaudit untrusted_app proc:file { open };
dontaudit untrusted_app proc_net_tcp_udp:file { open };
dontaudit untrusted_app proc_version:file { read };
allow untrusted_app rootfs:dir { read };
allow untrusted_app proc_kmsg:file { getattr };
allow untrusted_app proc_keys:file { getattr };
allow untrusted_app proc_swaps:file { getattr };
allow untrusted_app proc_modules:file { read };
get_prop(untrusted_app, wifi_hal_prop)
allow untrusted_app rootfs:dir { open };
allow untrusted_app sysfs:dir { read };
allow untrusted_app block_device:dir { search };