blob: 5237fc355aa07aed88035c824446f9146c4c14b3
| 1 | type bootvideo, domain; |
| 2 | type bootvideo_exec, exec_type, file_type; |
| 3 | init_daemon_domain(bootvideo) |
| 4 | binder_use(bootvideo); |
| 5 | #unix_socket_connect(bootvideo, property, init); |
| 6 | |
| 7 | #Bootvideo |
| 8 | allow bootvideo media_prop:file { read open getattr }; |
| 9 | allow bootvideo sysfs:file { read open getattr }; |
| 10 | allow bootvideo proc:file { read open getattr }; |
| 11 | allow bootvideo sysfs_audio_cap:file { read open getattr }; |
| 12 | |
| 13 | #Self |
| 14 | allow bootvideo self:process execmem; |
| 15 | allow bootvideo self:capability {dac_override dac_read_search}; |
| 16 | |
| 17 | #System device |
| 18 | #allow bootvideo video_device:chr_file rw_file_perms; |
| 19 | allow bootvideo audio_device:dir r_dir_perms; |
| 20 | #allow bootvideo audio_device:chr_file rw_file_perms; |
| 21 | #allow bootvideo uio_device:chr_file rw_file_perms; |
| 22 | #allow bootvideo dvb_video_device:chr_file rw_file_perms; |
| 23 | |
| 24 | #File system and property |
| 25 | allow bootvideo system_control:binder call; |
| 26 | #allow bootvideo property_socket:property_service set; |
| 27 | allow bootvideo media_prop:property_service set; |
| 28 | allow bootvideo property_socket:sock_file write; |
| 29 | |
| 30 | #System volume file |
| 31 | allow bootvideo system_data_file:file open; |
| 32 | |
| 33 | allow bootvideo sysfs_xbmc:file { open read write getattr }; |
| 34 | allow bootvideo system_control_service:service_manager find; |
| 35 | |
| 36 | set_prop(bootvideo, system_prop) |
| 37 |