device/amlogic/common.git - Unnamed repository; edit this file 'description' to name the repository.

1 #allow system_app sysfs_lowmemorykiller:file { getattr w_file_perms };
2 #allow system_app subtitle_service:service_manager add;
3 #
4 ##added for atv remote
5 #allow system_app uhid_device:dir r_dir_perms;
6 #
7 #allow system_app dhcp_data_file:file { r_file_perms };
8 #allow system_app ppp_data_file:dir { create_dir_perms };
9 #allow system_app ppp_data_file:file { create_file_perms };
10 #allow system_app ppp_data_file:sock_file { create_file_perms };
11 #allow system_app pppoe_wrapper_socket:sock_file { write setattr };
12 #allow system_app pppoe_wrapper_socket:file { getattr write open };
13 #allow system_app pppoe_wrapper:unix_dgram_socket sendto;
14 #allow system_app dhcp_data_file:dir { r_dir_perms };
15 #allow system_app dhcp_data_file:fifo_file { r_file_perms };
16 #
17 #allow system_app vold:unix_stream_socket connectto;
18 #allow system_app pppoe_service:service_manager add;
19 #allow system_app dig_socket:sock_file write;
20 #
21 #allow system_app iso9660:dir { search read open };
22 #allow system_app unlabeled:dir { search read write getattr };
23 #allow system_app unlabeled:file { lock open read write getattr };
24 #
25 ## /cache_file for dvb app creat update.zip file at /cache  dir
26 allow system_app cache_file:dir { search add_name write };
27 allow system_app cache_file:file { create getattr open write };
28 #
29 #allow system_app log_file:dir { search read open getattr };
30 #allow system_app log_file:file { read open getattr };
31 #allow system_app tombstone_data_file:dir r_dir_perms;
32 #allow system_app tombstone_data_file:file r_file_perms;
33 #
34 #allow system_app shell_data_file:dir search;
35 #allow system_app graphics_device:dir search;
36 #allow system_app sysfs_xbmc:file {open read write};
37 #allow system_app media_prop:property_service set;
38 #allow system_app system_app:process setfscreate;
39 #allow system_app socket_device:sock_file setattr;
40 #allow system_app pppoe_wrapper_socket:sock_file create;
41 #allow system_app pppoe_wrapper_socket:sock_file unlink;
42 #allow system_app pppoe_wrapper_socket:file create;
43
44 allow system_app cache_recovery_file:dir { search read open write add_name remove_name };
45 allow system_app cache_recovery_file:file { create getattr open read write unlink  };
46
47 allow system_app update_engine:binder {call transfer};
48 #
49 #allow system_app tv_prop:file {open read getattr};
50 #allow system_app tv_prop:property_service {set};
51
52 allow system_app rootfs:dir { getattr };
53
54 allow system_app vendor_file:file { read open getattr execute };
55
56 allow system_app system_app:netlink_kobject_uevent_socket { create };
57
58 allow system_app update_data_file:dir search;
59
60 #allow system_app update_data_file:dir { getattr search read write open add_name remove_name };
61 #allow system_app update_data_file:file { getattr write read create open unlink };
62
63 allow system_app { pppoe_service subtitle_service }:service_manager { add };
64
65 allow system_app system_app:netlink_kobject_uevent_socket { create setopt bind read getopt };
66
67 #allow system_app socket_device:sock_file { write };
68
69 allow system_app exfat:dir create_dir_perms;
70 allow system_app exfat:file create_file_perms;
71
72 allow system_app ntfs:dir create_dir_perms;
73 allow system_app ntfs:file create_file_perms;
74
75 allow system_app mnt_media_rw_file:dir r_dir_perms;
76 allow system_app { systemcontrol_hwservice hdmicecd_hwservice }:hwservice_manager { find };
77
78 allow system_app { system_control hdmicecd }:binder { call transfer };
79
80 allow system_app droidvold_hwservice:hwservice_manager { find };
81 allow system_app droidvold:binder { call transfer };
82
83 allow system_app droidmount_service:service_manager { add };
84
85 allow system_app fuseblk:dir create_dir_perms;
86 allow system_app fuseblk:file create_file_perms;
87
1	#allow system_app sysfs_lowmemorykiller:file { getattr w_file_perms };
2	#allow system_app subtitle_service:service_manager add;
3	#
4	##added for atv remote
5	#allow system_app uhid_device:dir r_dir_perms;
6	#
7	#allow system_app dhcp_data_file:file { r_file_perms };
8	#allow system_app ppp_data_file:dir { create_dir_perms };
9	#allow system_app ppp_data_file:file { create_file_perms };
10	#allow system_app ppp_data_file:sock_file { create_file_perms };
11	#allow system_app pppoe_wrapper_socket:sock_file { write setattr };
12	#allow system_app pppoe_wrapper_socket:file { getattr write open };
13	#allow system_app pppoe_wrapper:unix_dgram_socket sendto;
14	#allow system_app dhcp_data_file:dir { r_dir_perms };
15	#allow system_app dhcp_data_file:fifo_file { r_file_perms };
16	#
17	#allow system_app vold:unix_stream_socket connectto;
18	#allow system_app pppoe_service:service_manager add;
19	#allow system_app dig_socket:sock_file write;
20	#
21	#allow system_app iso9660:dir { search read open };
22	#allow system_app unlabeled:dir { search read write getattr };
23	#allow system_app unlabeled:file { lock open read write getattr };
24	#
25	## /cache_file for dvb app creat update.zip file at /cache dir
26	allow system_app cache_file:dir { search add_name write };
27	allow system_app cache_file:file { create getattr open write };
28	#
29	#allow system_app log_file:dir { search read open getattr };
30	#allow system_app log_file:file { read open getattr };
31	#allow system_app tombstone_data_file:dir r_dir_perms;
32	#allow system_app tombstone_data_file:file r_file_perms;
33	#
34	#allow system_app shell_data_file:dir search;
35	#allow system_app graphics_device:dir search;
36	#allow system_app sysfs_xbmc:file {open read write};
37	#allow system_app media_prop:property_service set;
38	#allow system_app system_app:process setfscreate;
39	#allow system_app socket_device:sock_file setattr;
40	#allow system_app pppoe_wrapper_socket:sock_file create;
41	#allow system_app pppoe_wrapper_socket:sock_file unlink;
42	#allow system_app pppoe_wrapper_socket:file create;
43
44	allow system_app cache_recovery_file:dir { search read open write add_name remove_name };
45	allow system_app cache_recovery_file:file { create getattr open read write unlink };
46
47	allow system_app update_engine:binder {call transfer};
48	#
49	#allow system_app tv_prop:file {open read getattr};
50	#allow system_app tv_prop:property_service {set};
51
52	allow system_app rootfs:dir { getattr };
53
54	allow system_app vendor_file:file { read open getattr execute };
55
56	allow system_app system_app:netlink_kobject_uevent_socket { create };
57
58	allow system_app update_data_file:dir search;
59
60	#allow system_app update_data_file:dir { getattr search read write open add_name remove_name };
61	#allow system_app update_data_file:file { getattr write read create open unlink };
62
63	allow system_app { pppoe_service subtitle_service }:service_manager { add };
64
65	allow system_app system_app:netlink_kobject_uevent_socket { create setopt bind read getopt };
66
67	#allow system_app socket_device:sock_file { write };
68
69	allow system_app exfat:dir create_dir_perms;
70	allow system_app exfat:file create_file_perms;
71
72	allow system_app ntfs:dir create_dir_perms;
73	allow system_app ntfs:file create_file_perms;
74
75	allow system_app mnt_media_rw_file:dir r_dir_perms;
76	allow system_app { systemcontrol_hwservice hdmicecd_hwservice }:hwservice_manager { find };
77
78	allow system_app { system_control hdmicecd }:binder { call transfer };
79
80	allow system_app droidvold_hwservice:hwservice_manager { find };
81	allow system_app droidvold:binder { call transfer };
82
83	allow system_app droidmount_service:service_manager { add };
84
85	allow system_app fuseblk:dir create_dir_perms;
86	allow system_app fuseblk:file create_file_perms;
87