f938468e2e
reference: https://source.android.com/docs/core/architecture/partitions/gki-partitions#selinux Bug: 267429528 Change-Id: I7a675c0f089452379d5675a353fbfd866cfd3edc Signed-off-by: Robin Peng <robinpeng@google.com>
15 lines
526 B
Plaintext
15 lines
526 B
Plaintext
type insmod-sh, domain;
|
|
type insmod-sh_exec, vendor_file_type, exec_type, file_type;
|
|
init_daemon_domain(insmod-sh)
|
|
|
|
allow insmod-sh self:capability sys_module;
|
|
allow insmod-sh system_dlkm_file:dir r_dir_perms;
|
|
allow insmod-sh system_dlkm_file:file r_file_perms;
|
|
allow insmod-sh system_dlkm_file:system module_load;
|
|
allow insmod-sh vendor_kernel_modules:system module_load;
|
|
allow insmod-sh vendor_toolbox_exec:file execute_no_trans;
|
|
|
|
set_prop(insmod-sh, vendor_device_prop)
|
|
|
|
dontaudit insmod-sh proc_cmdline:file r_file_perms;
|