23 lines
690 B
Plaintext
Executable File
23 lines
690 B
Plaintext
Executable File
|
|
# Additional rules for kernel
|
|
allow kernel dm_device:blk_file setattr;
|
|
allow kernel block_device:blk_file { read write open };
|
|
|
|
# mr1
|
|
allow kernel self:capability { mknod mknod };
|
|
allow kernel self:netlink_route_socket create;
|
|
allow kernel block_device:blk_file rw_file_perms;
|
|
|
|
allow kernel device:chr_file { create setattr getattr unlink };
|
|
allow kernel device:dir { remove_name write add_name create rmdir };
|
|
|
|
allow kernel kernel:system { module_request };
|
|
allow kernel vendor_file:file { open read };
|
|
|
|
# for diag over socket
|
|
userdebug_or_eng(`
|
|
allow kernel self:socket create;
|
|
#allow kernel device:blk_file { create setattr getattr unlink };
|
|
')
|
|
dontaudit kernel self:socket create;
|