blob: 122ac47e4ab6e1ac5564b0ca0e9ded049485ce37 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
#============= init ==============
allow init port:tcp_socket name_connect;
allow init self:tcp_socket { write getopt create read connect };
# Mount on and write to /proc/sys/fs/binfmt_misc.
allow init proc:dir mounton;
allow init binfmt_miscfs:file w_file_perms;
# /local_cfg
allow init tmpfs:lnk_file create_file_perms;
allow init rootfs:lnk_file setattr;
allow init rootfs:dir relabelto;
# /cache/telephony/[12]
allow init radio_cache_file:file rw_file_perms;
allow init radio_cache_file:dir { rw_dir_perms relabelto };
# /system/etc/security/sep_policy.conf is loaded
allow init sepfs:file w_file_perms;
# Allow shimlibs
allow init { domain -lmkd }:process noatsecure;
allow init kernel:system module_request;
allow init debugfs:file rw_file_perms;
|
