summaryrefslogtreecommitdiff
Diffstat
-rw-r--r--common/bluetooth.mk3
-rw-r--r--common/core_amlogic.mk70
-rw-r--r--common/products/mbox/init.amlogic.ab.rc59
-rw-r--r--common/products/mbox/init.amlogic.rc78
-rw-r--r--common/products/mbox/product_mbox.mk7
-rw-r--r--common/products/tablet/init.amlogic.rc6
-rw-r--r--common/products/tv/init.amlogic.rc57
-rw-r--r--common/products/tv/product_tv.mk11
-rw-r--r--common/sepolicy/adbd.te1
-rw-r--r--common/sepolicy/app.te149
-rw-r--r--common/sepolicy/audioserver.te7
-rw-r--r--common/sepolicy/bluetooth.te1
-rw-r--r--common/sepolicy/bootanim.te3
-rw-r--r--common/sepolicy/bootvideo.te8
-rw-r--r--common/sepolicy/cameraserver.te1
-rw-r--r--common/sepolicy/device.te1
-rw-r--r--common/sepolicy/dex2oat.te1
-rw-r--r--common/sepolicy/drm_device.te2
-rw-r--r--common/sepolicy/drmserver.te8
-rw-r--r--common/sepolicy/droidvold.te38
-rw-r--r--common/sepolicy/dv_config.te4
-rw-r--r--common/sepolicy/file.te4
-rw-r--r--common/sepolicy/file_contexts222
-rw-r--r--common/sepolicy/firmload.te10
-rw-r--r--common/sepolicy/fsck.te15
-rwxr-xr-x[-rw-r--r--]common/sepolicy/genfs_contexts18
-rw-r--r--common/sepolicy/hal_camera_default.te5
-rw-r--r--common/sepolicy/hal_drm_default.te2
-rw-r--r--common/sepolicy/hal_dumpstate_impl.te9
-rw-r--r--common/sepolicy/hal_memtrack_default.te35
-rw-r--r--common/sepolicy/hal_tv_cec_default.te2
-rw-r--r--common/sepolicy/hal_wifi_default.te8
-rw-r--r--common/sepolicy/hdcp_rx22.te17
-rw-r--r--common/sepolicy/hdcp_tx22.te3
-rw-r--r--common/sepolicy/hdmi_cec.te14
-rw-r--r--common/sepolicy/hdmicecd.te15
-rw-r--r--common/sepolicy/hwservice.te3
-rw-r--r--common/sepolicy/hwservice_contexts1
-rw-r--r--common/sepolicy/hwservicemanager.te7
-rw-r--r--common/sepolicy/imageserver.te48
-rw-r--r--common/sepolicy/init.te158
-rw-r--r--common/sepolicy/installd.te8
-rw-r--r--common/sepolicy/kernel.te2
-rw-r--r--common/sepolicy/keystore.te3
-rw-r--r--common/sepolicy/lmkd.te2
-rw-r--r--common/sepolicy/logcat.te12
-rw-r--r--common/sepolicy/make_ext4fs.te19
-rw-r--r--common/sepolicy/mediacodec.te10
-rw-r--r--common/sepolicy/mediaserver.te48
-rw-r--r--common/sepolicy/netd.te5
-rw-r--r--common/sepolicy/platform_app.te48
-rw-r--r--common/sepolicy/ppp.te13
-rw-r--r--common/sepolicy/pppd.te42
-rw-r--r--common/sepolicy/pppoe_wrapper.te53
-rw-r--r--common/sepolicy/priv_app.te15
-rw-r--r--common/sepolicy/recovery.te34
-rw-r--r--common/sepolicy/remotecfg.te2
-rw-r--r--common/sepolicy/seapp_contexts38
-rw-r--r--common/sepolicy/servicemanager.te6
-rw-r--r--common/sepolicy/shell.te6
-rw-r--r--common/sepolicy/surfaceflinger.te6
-rw-r--r--common/sepolicy/system_app.te120
-rw-r--r--common/sepolicy/system_control.te25
-rw-r--r--common/sepolicy/system_server.te66
-rw-r--r--common/sepolicy/tee.te2
-rw-r--r--common/sepolicy/tvserver.te63
-rw-r--r--common/sepolicy/ueventd.te1
-rw-r--r--common/sepolicy/update_engine.te2
-rw-r--r--common/sepolicy/update_verifier.te4
-rw-r--r--common/sepolicy/usbpm.te9
-rw-r--r--common/sepolicy/vndservicemanager.te3
-rw-r--r--common/sepolicy/vold.te58
-rw-r--r--common/sepolicy/vold_ext.te27
-rw-r--r--common/sepolicy/webview_zygote.te2
-rw-r--r--common/sepolicy/wlan_fwloader.te10
-rw-r--r--common/sepolicy/zygote.te3
-rw-r--r--common/software.mk3
-rw-r--r--common/vndk/Android.mk57
-rw-r--r--p212/BoardConfig.mk6
-rw-r--r--p212/device.mk2
-rw-r--r--p212/fstab.amlogic5
-rw-r--r--p212/init.amlogic.board.rc16
-rw-r--r--p212/manifest.xml63
-rw-r--r--p212/system.prop81
-rw-r--r--p230/BoardConfig.mk5
-rw-r--r--p230/device.mk2
-rw-r--r--p230/fstab.AB.amlogic3
-rw-r--r--p230/fstab.AB.verity.amlogic3
-rw-r--r--p230/fstab.amlogic3
-rw-r--r--p230/fstab.amlogic.bak19
-rw-r--r--p230/fstab.verity.amlogic3
-rw-r--r--p230/init.amlogic.board.rc16
-rw-r--r--p230/manifest.xml63
-rw-r--r--p230/system.prop81
94 files changed, 987 insertions, 1322 deletions
diff --git a/common/sepolicy/system_app.te b/common/sepolicy/system_app.te
index c24b45c..f9dd27b 100644
--- a/common/sepolicy/system_app.te
+++ b/common/sepolicy/system_app.te
@@ -1,56 +1,67 @@
-allow system_app sysfs_lowmemorykiller:file { getattr w_file_perms };
-allow system_app subtitle_service:service_manager add;
-
-#added for atv remote
-allow system_app uhid_device:dir r_dir_perms;
-
-allow system_app dhcp_data_file:file { r_file_perms };
-allow system_app ppp_data_file:dir { create_dir_perms };
-allow system_app ppp_data_file:file { create_file_perms };
-allow system_app ppp_data_file:sock_file { create_file_perms };
-allow system_app pppoe_wrapper_socket:sock_file { write setattr };
-allow system_app pppoe_wrapper_socket:file { getattr write open };
-allow system_app pppoe_wrapper:unix_dgram_socket sendto;
-allow system_app dhcp_data_file:dir { r_dir_perms };
-allow system_app dhcp_data_file:fifo_file { r_file_perms };
-
-allow system_app vold:unix_stream_socket connectto;
-allow system_app pppoe_service:service_manager add;
-allow system_app dig_socket:sock_file write;
-
-allow system_app iso9660:dir { search read open };
-allow system_app unlabeled:dir { open search read write getattr };
-allow system_app unlabeled:file { lock open read write getattr };
-
-# /cache_file for dvb app creat update.zip file at /cache dir
-allow system_app cache_file:dir {create_dir_perms create_file_perms rw_file_perms};
-allow system_app cache_file:file {create_file_perms rw_file_perms getattr};
-
-allow system_app log_file:dir { search read open getattr };
-allow system_app log_file:file { read open getattr };
-allow system_app tombstone_data_file:dir r_dir_perms;
-allow system_app tombstone_data_file:file r_file_perms;
-
-allow system_app shell_data_file:dir search;
-allow system_app graphics_device:dir search;
-allow system_app sysfs_xbmc:file {open read write};
-allow system_app media_prop:property_service set;
-allow system_app system_app:process setfscreate;
-allow system_app socket_device:sock_file setattr;
-allow system_app pppoe_wrapper_socket:sock_file create;
-allow system_app pppoe_wrapper_socket:sock_file unlink;
-allow system_app pppoe_wrapper_socket:file create;
-allow system_app cache_recovery_file:dir { search read open write add_name remove_name};
-allow system_app cache_recovery_file:file { create rw_file_perms unlink};
-allow system_app update_data_file:dir {getattr search read write open add_name remove_name};
-allow system_app update_data_file:file {getattr write read create open unlink};
-allow system_app update_engine:binder {call transfer};
-
-allow system_app tv_prop:file {open read getattr};
-allow system_app tv_prop:property_service {set};
-
-allow system_app proc_stat:file { read open getattr };
-allow system_app proc_interrupts:file { read open getattr };
+#allow system_app sysfs_lowmemorykiller:file { getattr w_file_perms };
+#allow system_app subtitle_service:service_manager add;
+#
+##added for atv remote
+#allow system_app uhid_device:dir r_dir_perms;
+#
+#allow system_app dhcp_data_file:file { r_file_perms };
+#allow system_app ppp_data_file:dir { create_dir_perms };
+#allow system_app ppp_data_file:file { create_file_perms };
+#allow system_app ppp_data_file:sock_file { create_file_perms };
+#allow system_app pppoe_wrapper_socket:sock_file { write setattr };
+#allow system_app pppoe_wrapper_socket:file { getattr write open };
+#allow system_app pppoe_wrapper:unix_dgram_socket sendto;
+#allow system_app dhcp_data_file:dir { r_dir_perms };
+#allow system_app dhcp_data_file:fifo_file { r_file_perms };
+#
+#allow system_app vold:unix_stream_socket connectto;
+#allow system_app pppoe_service:service_manager add;
+#allow system_app dig_socket:sock_file write;
+#
+#allow system_app iso9660:dir { search read open };
+#allow system_app unlabeled:dir { search read write getattr };
+#allow system_app unlabeled:file { lock open read write getattr };
+#
+## /cache_file for dvb app creat update.zip file at /cache dir
+#allow system_app cache_file:dir {create_dir_perms create_file_perms rw_file_perms};
+#allow system_app cache_file:file {create_file_perms rw_file_perms};
+#
+#allow system_app log_file:dir { search read open getattr };
+#allow system_app log_file:file { read open getattr };
+#allow system_app tombstone_data_file:dir r_dir_perms;
+#allow system_app tombstone_data_file:file r_file_perms;
+#
+#allow system_app shell_data_file:dir search;
+#allow system_app graphics_device:dir search;
+#allow system_app sysfs_xbmc:file {open read write};
+#allow system_app media_prop:property_service set;
+#allow system_app system_app:process setfscreate;
+#allow system_app socket_device:sock_file setattr;
+#allow system_app pppoe_wrapper_socket:sock_file create;
+#allow system_app pppoe_wrapper_socket:sock_file unlink;
+#allow system_app pppoe_wrapper_socket:file create;
+#allow system_app cache_recovery_file:dir { search read open write add_name remove_name};
+#allow system_app cache_recovery_file:file { create rw_file_perms unlink};
+
+#allow system_app update_engine:binder {call transfer};
+#
+#allow system_app tv_prop:file {open read getattr};
+#allow system_app tv_prop:property_service {set};
+
+allow system_app rootfs:dir { getattr };
+
+allow system_app vendor_file:file { read open getattr execute };
+
+allow system_app system_app:netlink_kobject_uevent_socket { create };
+
+allow system_app update_data_file:dir { getattr search read write open add_name remove_name };
+allow system_app update_data_file:file { getattr write read create open unlink };
+
+allow system_app { pppoe_service subtitle_service }:service_manager { add };
+
+allow system_app system_app:netlink_kobject_uevent_socket { create setopt bind read getopt };
+
+#allow system_app socket_device:sock_file { write };
allow system_app exfat:dir create_dir_perms;
allow system_app exfat:file create_file_perms;
@@ -59,3 +70,6 @@ allow system_app ntfs:dir create_dir_perms;
allow system_app ntfs:file create_file_perms;
allow system_app mnt_media_rw_file:dir r_dir_perms;
+allow system_app { systemcontrol_hwservice hdmicecd_hwservice }:hwservice_manager { find };
+
+allow system_app { system_control hdmicecd }:binder { call transfer };
generated by cgit at 2024-05-17 14:25:16 (GMT)