287 files changed, 177798 insertions, 0 deletions
diff --git a/sepolicy/hal_memtrack_default.te b/sepolicy/hal_memtrack_default.te new file mode 100644 index 0000000..6cde1cc --- a/dev/null +++ b/sepolicy/hal_memtrack_default.te @@ -0,0 +1,39 @@ +typeattribute hal_memtrack_default mlstrustedsubject; + +allow hal_memtrack_default proc:file { open read getattr }; +allow hal_memtrack_default system_app:file { open read getattr }; +allow hal_memtrack_default system_app:dir { search }; +allow hal_memtrack_default servicemanager:file { open read getattr }; +allow hal_memtrack_default servicemanager:dir { search }; +allow hal_memtrack_default hwservicemanager:file { open read getattr }; +allow hal_memtrack_default hwservicemanager:dir { search }; +allow hal_memtrack_default vndservicemanager:file { open read getattr }; +allow hal_memtrack_default vndservicemanager:dir { search }; +allow hal_memtrack_default hal_dumpstate_default:file { open read getattr }; +allow hal_memtrack_default hal_dumpstate_default:dir { search }; +allow hal_memtrack_default hal_configstore_default:file { open read getattr }; +allow hal_memtrack_default hal_configstore_default:dir { search }; + +allow hal_memtrack_default { priv_app platform_app untrusted_app su drmserver installd keystore mdnsd isolated_app }:dir { search }; +allow hal_memtrack_default { priv_app platform_app untrusted_app su drmserver installd keystore mdnsd isolated_app }:file { read open getattr }; + +allow hal_memtrack_default { gatekeeperd tombstoned webview_zygote zygote netd wificond sdcardd hal_camera_default hal_tv_cec_default }:dir { search }; +allow hal_memtrack_default { gatekeeperd tombstoned webview_zygote zygote netd wificond sdcardd hal_camera_default hal_tv_cec_default }:file { read open getattr }; + +allow hal_memtrack_default { hal_audio_default hal_usb_default hal_power_default hal_wifi_default hal_drm_default }:dir { search }; +allow hal_memtrack_default { hal_audio_default hal_usb_default hal_power_default hal_wifi_default hal_drm_default }:file { read open getattr }; +allow hal_memtrack_default { hal_graphics_composer_default hal_graphics_allocator_default hal_gatekeeper_default }:dir { search }; +allow hal_memtrack_default { hal_graphics_composer_default hal_graphics_allocator_default hal_gatekeeper_default }:file { read open getattr }; + +allow hal_memtrack_default { hal_graphics_composer_default hal_graphics_allocator_default hal_gatekeeper_default }:dir { search }; +allow hal_memtrack_default { hal_graphics_composer_default hal_graphics_allocator_default hal_gatekeeper_default }:file { read open getattr }; + +allow hal_memtrack_default { hal_keymaster_default droidvold adbd tee hdmicecd bluetooth untrusted_app_25 }:dir { search }; +allow hal_memtrack_default { hal_keymaster_default droidvold adbd tee hdmicecd bluetooth untrusted_app_25 }:file { read open getattr }; + +allow hal_memtrack_default { mediadrmserver mediaextractor mediametrics mediacodec audioserver cameraserver mediaserver }:dir { search }; +allow hal_memtrack_default { mediadrmserver mediaextractor mediametrics mediacodec audioserver cameraserver mediaserver }:file { read open getattr }; + +allow hal_memtrack_default { logd ueventd vold system_server init shell surfaceflinger lmkd healthd system_control }:dir { search }; +allow hal_memtrack_default { logd ueventd vold system_server init shell surfaceflinger lmkd healthd system_control }:file { read open getattr }; + |