| # ============================================== |
| # Policy File of /system/binmdlogger Executable File |
| |
| |
| # ============================================== |
| # Type Declaration |
| # ============================================== |
| |
| type mdlogger_exec , exec_type, file_type; |
| type mdlogger ,domain; |
| |
| # ============================================== |
| # Android Policy Rule |
| # ============================================== |
| |
| # ============================================== |
| # NSA Policy Rule |
| # ============================================== |
| |
| # ============================================== |
| # MTK Policy Rule |
| # ============================================== |
| |
| #permissive mdlogger; |
| init_daemon_domain(mdlogger) |
| |
| binder_use(mdlogger) |
| binder_service(mdlogger) |
| |
| #=============allow mdlogger to set ============== |
| allow mdlogger debug_mdlogger_prop:property_service set; |
| allow mdlogger debug_prop:property_service set; |
| allow mdlogger ccci_device:chr_file { read write ioctl open }; |
| allow mdlogger ttyGS_device:chr_file { read write open ioctl}; |
| allow mdlogger fuse:dir { write search create rmdir add_name remove_name read open rename}; |
| allow mdlogger fuse:file { write read create open rename unlink getattr setattr append}; |
| allow mdlogger mdlog_data_file:dir { write search read create open rmdir remove_name add_name relabelto getattr}; |
| allow mdlogger mdlog_data_file:fifo_file { read open create setattr}; |
| allow mdlogger mdlog_data_file:file { write read create open rename unlink getattr setattr}; |
| allow mdlogger mdlog_device:chr_file { read write open ioctl}; |
| allow mdlogger system_data_file:dir { write create open add_name relabelfrom}; |
| |
| allow mdlogger init:unix_stream_socket connectto; |
| allow mdlogger property_socket:sock_file write; |
| allow mdlogger platform_app:unix_stream_socket connectto; |
| |
| allow mdlogger shell_exec:file { read execute open execute_no_trans }; |
| allow mdlogger system_file:file execute_no_trans; |
| allow mdlogger zygote_exec:file { read getattr open }; |
| #allow mdlogger tmpfs:lnk_file read; |
| |
| #============= mdlogger usb logging ============== |
| # Date : 2014/09/26 |
| # Operation : Migration |
| # Purpose : [MDLOGGER] [mdlogger usb logging tcp_socket] |
| # Package: system/bin/mdlogger |
| |
| allow mdlogger fuse:dir search; |
| allow mdlogger node:tcp_socket node_bind; |
| allow mdlogger port:tcp_socket name_bind; |
| allow mdlogger self:tcp_socket { write read bind create setopt accept listen }; |
| |
| #========================================================= |
| #modem logger SD logging in factory mode |
| #========================================================= |
| allow mdlogger vfat:dir create_dir_perms; |
| allow mdlogger vfat:file create_file_perms; |
| |
| #========================================================= |
| #modem logger permission in storage in android M version |
| #========================================================= |
| allow mdlogger log_device:chr_file w_file_perms; |
| allow mdlogger tmpfs:lnk_file read; |
| #allow mdlogger storage_file:dir search; |
| allow mdlogger storage_file:lnk_file rw_file_perms; |
| allow mdlogger mnt_user_file:dir search; |
| allow mdlogger mnt_user_file:lnk_file rw_file_perms; |
| allow mdlogger fuse:file create_file_perms; |
| |