blob: c60ad7d7f8284f4fa710f404f31ff65b92b71905
1 | allow recovery aml_display_prop:property_service set; |
2 | allow recovery input_device:chr_file write; |
3 | allow recovery kmsg_device:chr_file { write open read }; |
4 | allow recovery self:netlink_kobject_uevent_socket { create setopt bind read }; |
5 | allow recovery sysfs_xbmc:file { read write open }; |
6 | allow recovery system_prop:property_service set; |
7 | allow recovery self:capability net_admin; |
8 | |
9 | allow recovery uboot_prop:property_service set; |
10 | allow recovery rootfs:dir create_dir_perms; |
11 | allow recovery sysfs:dir mounton; |
12 | |
13 | allow recovery vfat:dir create_dir_perms; |
14 | allow recovery vfat:file create_file_perms; |
15 | |
16 | allow recovery env_device:chr_file rw_file_perms; |
17 | allow recovery input_device:chr_file write; |
18 | allow recovery property_data_file:dir { search }; |
19 | allow recovery device:dir rw_dir_perms; |
20 | allow recovery bootloader_device:chr_file rw_file_perms; |
21 | allow recovery defendkey_device:chr_file rw_file_perms; |
22 | allow recovery dtb_device:chr_file { open read write }; |
23 | allow recovery aml_display_prop:property_service set; |
24 | allow recovery recovery:capability { net_admin }; |
25 | |
26 | allow recovery aml_display_prop:file {open read getattr}; |
27 | allow recovery uboot_prop:file {open read getattr}; |
28 | |
29 | allow recovery self:capability2 syslog; |
30 | allow recovery sysfs_fs_ext4_features:dir search; |
31 | allow recovery sysfs_fs_ext4_features:file read; |
32 | |
33 | #allow recovery update_data_file:file rw_file_perms; |
34 | #allow recovery update_data_file:dir { search read write open }; |
35 | |
36 | allow recovery graphics_device:dir {search}; |
37 | allow recovery graphics_device:chr_file {open read write ioctl}; |
38 | |
39 | allow shell rootfs:file { entrypoint execute getattr open read }; |
40 | |
41 | allow recovery bcmdl_prop:file { getattr open }; |
42 | allow recovery media_prop:file { getattr open }; |
43 | allow recovery sysfs_audio_cap:file read; |
44 | allow recovery sysfs_video:file { open read write }; |
45 | allow recovery tv_config_prop:file { getattr open }; |
46 | allow recovery tv_prop:file { getattr open }; |
47 | allow recovery wifi_prop:file { getattr open }; |
48 | |
49 | allow recovery ffs_prop:property_service set; |
50 | |
51 | allow shell tmpfs:file {open read getattr}; |
52 | allow shell sysfs:file { read open }; |
53 | allow shell rootfs:file {execute_no_trans}; |
54 |