drgreen/android_device_google_gs-common
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
android_device_google_gs-co.../insmod/sepolicy/insmod-sh.te
Kelvin Zhang 959ba11426 Skip loading kernel modules for 16K mode 
For boot options, 16K kernel modules are all stored under vendor_boot.
So we can skip loading modules from vendor_dlkm/system_dlkm
if device is in 16K mode and boot option is enabled.

Bug: 293313353
Change-Id: I46c440a7ce67dfbd0cce83dadbd908dff144c583
2024-04-22 16:23:46 -07:00

19 lines
646 B
Plaintext
Raw Blame History

type insmod-sh, domain;
type insmod-sh_exec, vendor_file_type, exec_type, file_type;
init_daemon_domain(insmod-sh)
allow insmod-sh self:capability sys_module;
allow insmod-sh system_dlkm_file:dir r_dir_perms;
allow insmod-sh system_dlkm_file:file r_file_perms;
allow insmod-sh system_dlkm_file:system module_load;
allow insmod-sh vendor_kernel_modules:system module_load;
allow insmod-sh vendor_toolbox_exec:file execute_no_trans;
set_prop(insmod-sh, vendor_device_prop)
get_prop(insmod-sh, enable_16k_pages_prop)
allow insmod-sh kmsg_debug_device:chr_file { w_file_perms ioctl getattr };
dontaudit insmod-sh proc_cmdline:file r_file_perms;
Reference in New Issue View Git Blame Copy Permalink