MiPad4/android_device_xiaomi_sdm660-common
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_device_xiaomi_sdm66.../sepolicy/vendor/file_contexts
Alcatraz323 68c470f248 sdm660-common: sepolicy: address bunch of denials 
* suppress bunch of capability denials, they are harmless and managed by aosp, if it should be fixed, aosp will do
* correct some typo

Signed-off-by: pix106 <sbordenave@gmail.com>
2023-08-22 08:44:53 +02:00

116 lines
9.6 KiB
Text
Raw Blame History

# Amplifier
/(vendor|system/vendor)/bin/tinymix u:object_r:vendor_tinyalsa_exec:s0
# Biometric
/(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.3-service\.xiaomi_sdm660 u:object_r:hal_fingerprint_sdm660_exec:s0
/(vendor|system/vendor)/bin/init\.goodix\.sh u:object_r:hal_fingerprint_sdm660_exec:s0
# Block
/sys/devices/platform/soc/c0c4000.sdhci/mmc_host/mmc0/mmc0:0001/block/mmcblk0/mq/0/nr_tags(/.*)? u:object_r:sysfs_emmc_host:s0
# Camera
/data/misc/camera u:object_r:camera_data_file:s0
# blkio
/dev/blkio(/.*)? u:object_r:blkio_dev:s0
/dev/blkio/background(/.*)? u:object_r:blkio_dev:s0
# Device nodes
/dev/stune(/.*)? u:object_r:cgroup:s0
# Executables
/vendor/bin/sh u:object_r:vendor_shell_exec:s0
# Fingerprint
/data/gf_data(/.*)? u:object_r:fingerprintd_data_file:s0
/data/gf_data/auth_ratio_database.db u:object_r:fingerprintd_data_file:s0
/data/vendor/fpc(/.*)? u:object_r:fingerprint_vendor_data_file:s0
/data/vendor/gf_data(/.*)? u:object_r:fingerprint_vendor_data_file:s0
/data/vendor/goodix(/.*)? u:object_r:fingerprint_vendor_data_file:s0
/dev/goodix_fp u:object_r:fingerprint_device:s0
/data/system/users/[0-9]/settings_fingerprint\.xml u:object_r:fingerprintd_data_file:s0
# Firmware
/firmware(/.*)? u:object_r:firmware_file:s0
/bt_firmware(/.*)? u:object_r:bt_firmware_file:s0
/persist(/.*)? u:object_r:persist_file:s0
# Hall Switch
/sys/module/hall/parameters(/.*)? u:object_r:hall_dev:s0
# Haptics control
/sys/module/qti_haptics/parameters/vmax_mv_override u:object_r:sysfs_vibrator:s0
# Hexagon DSP-side executable needed for Halide operation
# This is labeled as public_adsprpcd_file as it needs to be read by apps
# (e.g. Google Camera App)
/mnt/vendor/dsp/fastrpc_shell_3 u:object_r:public_adsprpcd_file:s0
# HW Info
/sys/devices/platform/HardwareInfo(/.*)? u:object_r:sysfs_info:s0
/sys/devices/platform/HardwareInfo/gsensor u:object_r:sysfs_info:s0
# IR
/dev/lirc0 u:object_r:spidev_device:s0
/dev/spidev7.1 u:object_r:spidev_device:s0
# Kcal
/sys/devices/platform/kcal_ctrl.0(/.*)? u:object_r:kcal_dev:s0
/sys/bus/platform/drivers/kcal_ctrl(/.*)? u:object_r:kcal_dev:s0
# IR HAL
/(vendor|system/vendor)/bin/hw/android\.hardware\.ir@1\.0-service\.xiaomi_sdm660 u:object_r:hal_ir_default_exec:s0
# Lights
/vendor/bin/hw/android\.hardware\.light-service\.xiaomi u:object_r:hal_light_default_exec:s0
# Mlipay
/(vendor|system/vendor)/bin/mlipayd@1.1 u:object_r:hal_mlipay_default_exec:s0
# Notification LED
/sys/devices/platform/soc/800f000.qcom,spmi/spmi-0/spmi0-03/800f000.qcom,spmi:qcom,pm660l@3:qcom,leds@d000/leds/blue(/.*)? u:object_r:sysfs_graphics:s0
/sys/devices/platform/soc/800f000.qcom,spmi/spmi-0/spmi0-03/800f000.qcom,spmi:qcom,pm660l@3:qcom,leds@d000/leds/green(/.*)? u:object_r:sysfs_graphics:s0
/sys/devices/platform/soc/800f000.qcom,spmi/spmi-0/spmi0-03/800f000.qcom,spmi:qcom,pm660l@3:qcom,leds@d000/leds/red(/.*)? u:object_r:sysfs_graphics:s0
/sys/devices/platform/soc/800f000.qcom,spmi/spmi-0/spmi0-03/800f000.qcom,spmi:qcom,pm660l@3:qcom,leds@d000/leds/white(/.*)? u:object_r:sysfs_graphics:s0
/sys/devices/platform/soc/800f000.qcom,spmi/spmi-0/spmi0-03/800f000.qcom,spmi:qcom,pm660l@3:qcom,leds@d300/leds/flashlight(/.*)? u:object_r:sysfs_graphics:s0
# Power
/(vendor|system/vendor)/bin/hw/android\.hardware\.power-service\.xiaomi_sdm660-libperfmgr u:object_r:hal_power_default_exec:s0
# Root files
/proc/sys/fs/protected_regular u:object_r:proc:s0
# Service HALs
/(vendor|system/vendor)/bin/hw/android\.hardware\.authsecret@1\.0-service u:object_r:hal_authsecret_default_exec:s0
# Sockets
/dev/socket/audio_hw_socket u:object_r:audio_socket:s0
# Tap to Wake
/sys/devices/platform/soc/c177000.i2c/i2c-3/3-005d/enable_dt2w u:object_r:sysfs_touchpanel:s0
/sys/devices/platform/soc/c177000.i2c/i2c-3/3-0038/enable_dt2w u:object_r:sysfs_touchpanel:s0
/proc/touchscreen/enable_dt2w u:object_r:sysfs_touchpanel:s0
# Thermal
/data/vendor/thermal(/.*)? u:object_r:thermal_data_file:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.thermal@2\.0-service\.mock u:object_r:hal_thermal_default_exec:s0
# USB
/vendor/bin/hw/android\.hardware\.usb\@1\.[0-3]-service-qti u:object_r:hal_usb_default_exec:s0
# Video4linux sysfs nodes
/sys/devices/platform/soc/caa0000\.qcom,jpeg/video4linux/video1(/.*)? u:object_r:sysfs_graphics:s0
# Wakeup
/sys/devices/platform/soc/800f000\.qcom,spmi/spmi-0/spmi0-00/800f000\.qcom,spmi:qcom,pm660@0:qcom,qpnp-smb2/power_supply/main/(?!.*wakeup\d+).* u:object_r:sysfs_wakeup:s0
/sys/devices/platform/soc/800f000\.qcom,spmi/spmi-0/spmi0-00/800f000\.qcom,spmi:qcom,pm660@0:qcom,pm660_rtc/rtc/rtc0/wakeup[0-9]+(/.*)? u:object_r:sysfs_wakeup:s0
/sys/devices/platform/soc/800f000\.qcom,spmi/spmi-0/spmi0-00/800f000\.qcom,spmi:qcom,pm660@0:qpnp,fg/power_supply/bms/wakeup[0-9]+(/.*)? u:object_r:sysfs_wakeup:s0
/sys/devices/platform/soc/800f000\.qcom,spmi/spmi-0/spmi0-00/800f000\.qcom,spmi:qcom,pm660@0:qcom,qpnp-smb2/power_supply/battery/wakeup[0-9]+(/.*)? u:object_r:sysfs_wakeup:s0
/sys/devices/platform/soc/800f000\.qcom,spmi/spmi-0/spmi0-00/800f000\.qcom,spmi:qcom,pm660@0:qcom,qpnp-smb2/power_supply/dc/wakeup[0-9]+(/.*)? u:object_r:sysfs_wakeup:s0
/sys/devices/platform/soc/800f000\.qcom,spmi/spmi-0/spmi0-00/800f000\.qcom,spmi:qcom,pm660@0:qcom,qpnp-smb2/power_supply/main/wakeup[0-9]+(/.*)? u:object_r:sysfs_wakeup:s0
/sys/devices/platform/soc/800f000\.qcom,spmi/spmi-0/spmi0-00/800f000\.qcom,spmi:qcom,pm660@0:qcom,qpnp-smb2/power_supply/pc_port/wakeup[0-9]+(/.*)? u:object_r:sysfs_wakeup:s0
/sys/devices/platform/soc/800f000\.qcom,spmi/spmi-0/spmi0-00/800f000\.qcom,spmi:qcom,pm660@0:qcom,qpnp-smb2/power_supply/usb/wakeup[0-9]+(/.*)? u:object_r:sysfs_wakeup:s0
/sys/devices/platform/soc/c176000\.i2c/i2c-2/2-001d/power_supply/parallel/wakeup[0-9]+(/.*)? u:object_r:sysfs_wakeup:s0
/sys/devices/platform/soc/ca0c000\.qcom,cci/ca0c000\.qcom,cci:qcom,camera@0/video4linux/video[0-9]/wakeup[0-9]+(/.*)? u:object_r:sysfs_wakeup:s0
/sys/devices/platform/soc/ca0c000\.qcom,cci/ca0c000\.qcom,cci:qcom,camera@1/video4linux/video[0-9]/wakeup[0-9]+(/.*)? u:object_r:sysfs_wakeup:s0
/sys/devices/platform/soc/ca0c000\.qcom,cci/ca0c000\.qcom,cci:qcom,camera@2/video4linux/video[0-9]/wakeup[0-9]+(/.*)? u:object_r:sysfs_wakeup:s0
Reference in a new issue View git blame Copy permalink