fuquan/android_mt6572_jiabo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_mt6572_jiabo/device/qcom/sepolicy/common/untrusted_app.te
FuQuan 3ff2876a30 first commit
2025-09-05 16:56:03 +08:00

35 lines
1.1 KiB
Text
Raw Permalink Blame History

# access to perflock
unix_socket_send(untrusted_app, mpctl, mpdecision)
unix_socket_connect(untrusted_app, mpctl, mpdecision)
# diag device node access is restricted to untrusted_app
neverallow untrusted_app diag_device:chr_file rw_file_perms;
# allow apps to read battery status
allow untrusted_app sysfs_battery_supply:dir r_dir_perms;
allow untrusted_app sysfs_battery_supply:file r_file_perms;
# allow apps to read charging status
allow untrusted_app sysfs_dc_supply:dir r_dir_perms;
allow untrusted_app sysfs_dc_supply:file r_file_perms;
allow untrusted_app sysfs_usb_supply:dir r_dir_perms;
allow untrusted_app sysfs_usb_supply:file r_file_perms;
# test apps needs to communicate with imscm
# using binder call
userdebug_or_eng(`
binder_call(untrusted_app, imscm)
allow untrusted_app imscm_service:service_manager find;
')
# for finding wbc_service
allow untrusted_app wbc_service:service_manager find;
# using binder call
userdebug_or_eng(`
allow untrusted_app improve_touch_service:service_manager find;
binder_call(untrusted_app, hbtp);
')
# for finding gba_auth_service
allow untrusted_app gba_auth_service:service_manager find;
Reference in a new issue View git blame Copy permalink