-
Notifications
You must be signed in to change notification settings - Fork 3
/
hdcpd.te
22 lines (21 loc) · 951 Bytes
/
hdcpd.te
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
# Rules for system/bin/dhcpd
type hdcpd, domain;
type hdcpd_exec, exec_type, file_type;
init_daemon_domain(hdcpd);
binder_use(hdcpd)
binder_call(hdcpd, msync)
binder_call(hdcpd, surfaceflinger)
allow hdcpd self:capability { dac_override setuid chown sys_admin ipc_lock };
allow hdcpd self:netlink_kobject_uevent_socket create_socket_perms;
allow hdcpd sysfs:file write;
# TODO: remove rules for system_data_file if they can be replaced
# by hdcpd_data_file ones
allow hdcpd system_data_file:dir { create_dir_perms };
allow hdcpd system_data_file:sock_file { create link_file_perms };
allow hdcpd system_data_file:file create_file_perms;
allow hdcpd hdcpd_data_file:dir { create_dir_perms };
allow hdcpd hdcpd_data_file:sock_file { create link_file_perms };
allow hdcpd hdcpd_data_file:file create_file_perms;
allow hdcpd coreu_tmpfs:file { rw_file_perms };
allow hdcpd hdcpd_tmpfs:file { lock create open };
allow hdcpd tmpfs:dir { write add_name };