summaryrefslogtreecommitdiff
path: root/sepolicy
diff options
context:
space:
mode:
authornailyk-fr <nailyk_git@nailyk.fr>2017-03-26 20:07:26 +0200
committerMax Weffers <rcstar6696@gmail.com>2017-03-27 14:26:06 +0200
commit593f3450a000ba6071b967b20c1dd6a06b4c507c (patch)
treef785499202a44cef9c53c5ca873bbf1f37d9e260 /sepolicy
parent93a5a2ccfc6f69132ec632a0c95a7277d2042de1 (diff)
shinano-common: sepolicies: Remove obsoletes files
Change-Id: If833437e19f05e24a448caec9c7e569d34ba6c82
Diffstat (limited to 'sepolicy')
-rw-r--r--sepolicy/cameraserver_old28
-rw-r--r--sepolicy/workarounds_old232
2 files changed, 0 insertions, 260 deletions
diff --git a/sepolicy/cameraserver_old b/sepolicy/cameraserver_old
deleted file mode 100644
index 2a27807..0000000
--- a/sepolicy/cameraserver_old
+++ /dev/null
@@ -1,28 +0,0 @@
-allow cameraserver mm-qcamerad:unix_dgram_socket sendto;
-allow cameraserver mm-qcamerad:unix_stream_socket connectto;
-allow cameraserver camera_data_file:sock_file write;
-allow mm-qcamerad cameraserver:unix_dgram_socket sendto;
-allow mm-qcamerad cameraserver:unix_stream_socket connectto;
-allow mm-qcamerad camera_data_file:sock_file rw_file_perms;
-allow cameraserver gpu_device:chr_file rw_file_perms;
-allow cameraserver rootfs:lnk_file getattr;
-allow cameraserver sysfs_camera_torch:file rw_file_perms;
-allow cameraserver sysfs_camera_torch:dir search;
-allow cameraserver sysfs_camera_torch:lnk_file read;
-allow cameraserver ta_data_file:dir search;
-#allow cameraserver secd:unix_stream_socket connectto;
-#allow cameraserver secd_socket:sock_file write;
-
-allow cameraserver camera_data_file:unix_dgram_socket sendto;
-allow cameraserver camera_data_file:unix_stream_socket connectto;
-allow mm-qcamerad camera_data_file:unix_dgram_socket sendto;
-allow mm-qcamerad camera_data_file:unix_stream_socket connectto;
-
-allow mm-qcamerad ion_device:chr_file { ioctl open read };
-allow cameraserver ion_device:chr_file { ioctl open read };
-
-
-allow cameraserver secd_socket:unix_dgram_socket sendto;
-allow cameraserver secd_socket:unix_stream_socket connectto;
-allow mm-qcamerad secd_socket:unix_dgram_socket sendto;
-allow mm-qcamerad secd_socket:unix_stream_socket connectto;
diff --git a/sepolicy/workarounds_old b/sepolicy/workarounds_old
deleted file mode 100644
index 310c2f1..0000000
--- a/sepolicy/workarounds_old
+++ /dev/null
@@ -1,232 +0,0 @@
-
-allow cameraserver camera_socket:dir { search write add_name };
-allow cameraserver camera_socket:file { read write getattr open };
-allow mm-qcamerad camera_socket:dir { search write add_name };
-allow mm-qcamerad camera_socket:file { read write getattr open };
-
-
-#============= credmgr ==============
-allow credmgr iddd_file:dir search;
-allow credmgr tmpfs:lnk_file read;
-
-#============= iddd ==============
-allow iddd tmpfs:lnk_file read;
-
-#============= mm-qcamerad ==============
-allow mm-qcamerad devpts:chr_file { open read write };
-allow mm-qcamerad mm-qcamerad_exec:file execute_no_trans;
-
-#============= qti_init_shell ==============
-allow qti_init_shell iddd_file:dir { getattr open read remove_name rmdir write };
-allow qti_init_shell toolbox_exec:file entrypoint;
-
-#============= scd ==============
-allow scd scd_data:dir getattr;
-allow scd scd_data:file { getattr open read write };
-
-#============= tad ==============
-allow tad proc:file getattr;
-
-#============= vold ==============
-allow vold iddd_file:dir { ioctl open read };
-
-
-
-#============= credmgr ==============
-allow credmgr iddd:unix_dgram_socket sendto;
-allow credmgr iddd_file:sock_file write;
-allow credmgr secd_data_file:file { write getattr setattr read lock open };
-allow credmgr self:capability dac_override;
-allow credmgr socket_device:sock_file write;
-allow credmgr suntrold:unix_stream_socket connectto;
-allow credmgr tad:unix_stream_socket connectto;
-allow credmgr tad_socket:sock_file write;
-allow credmgr tee_device:chr_file { read write open ioctl };
-
-#============= iddd ==============
-allow iddd default_prop:property_service set;
-allow iddd iddd_file:dir { remove_name search add_name };
-allow iddd iddd_file:file { rename create };
-allow iddd init:unix_stream_socket connectto;
-allow iddd property_socket:sock_file write;
-allow iddd iddd_file:file unlink;
-allow iddd iddd_file:sock_file { write create unlink setattr };
-allow iddd logd:unix_stream_socket connectto;
-allow iddd logdr_socket:sock_file write;
-allow iddd self:netlink_socket { write bind create };
-allow iddd system_file:file execute_no_trans;
-
-#============= mediaserver ==============
-allow mediaserver credmgr:unix_stream_socket connectto;
-allow mediaserver socket_device:sock_file write;
-
-#============= suntrold ==============
-allow suntrold self:capability dac_override;
-allow suntrold socket_device:dir add_name;
-allow suntrold socket_device:sock_file { create setattr };
-allow suntrold tad:unix_stream_socket connectto;
-allow suntrold tad_socket:sock_file write;
-allow suntrold tee_device:chr_file { read write ioctl open };
-
-#============= system_server ==============
-allow system_server ta_data_file:file { read open };
-
-#============= ta_qmi ==============
-allow ta_qmi self:capability { setuid setgid };
-
-#============= tad ==============
-allow tad block_device:blk_file { read write ioctl open };
-allow tad iddd:unix_dgram_socket sendto;
-allow tad iddd_file:sock_file write;
-
-#============= thermanager ==============
-allow thermanager sysfs_battery_supply:dir search;
-allow thermanager sysfs_battery_supply:file { read write open };
-
-
-
-
-#============= init ==============
-allow init block_device:blk_file setattr;
-allow init debugfs:dir mounton;
-allow init self:socket { read bind create write ioctl };
-allow init smem_log_device:chr_file { write ioctl };
-allow init socket_device:sock_file { create unlink setattr };
-
-#============= taimport ==============
-allow taimport ta_data_file:file unlink;
-
-
-#============= credmgr ==============
-allow credmgr ion_device:chr_file { ioctl open read };
-
-#============= init ==============
-allow init debugfs:file write;
-
-#============= qti_init_shell ==============
-allow qti_init_shell tad:unix_stream_socket connectto;
-allow qti_init_shell tad_socket:sock_file write;
-
-#============= scd ==============
-allow scd socket_device:dir { add_name write };
-allow scd socket_device:sock_file { create setattr };
-allow scd sysfs:file { getattr open read };
-
-#============= suntrold ==============
-allow suntrold ion_device:chr_file { ioctl open read };
-
-#============= tad ==============
-allow tad proc:file { open read };
-allow tad rootfs:file { entrypoint read };
-
-#============= taimport ==============
-allow taimport adbsecure_prop:property_service set;
-allow taimport init:unix_stream_socket connectto;
-allow taimport property_socket:sock_file write;
-
-#============= thermanager ==============
-allow thermanager sysfs:file { open read };
-
-#============= wv ==============
-allow wv ion_device:chr_file { ioctl open read };
-allow wv socket_device:sock_file write;
-allow wv suntrold:unix_stream_socket connectto;
-allow wv tad:unix_stream_socket connectto;
-allow wv tad_socket:sock_file write;
-allow wv tee_device:chr_file { ioctl open read write };
-
-
-
-
-
-#============= cameraserver ==============
-allow cameraserver ta_data_file:dir { getattr open read };
-allow cameraserver sudaemon:unix_dgram_socket sendto;
-allow cameraserver sudaemon:unix_stream_socket connectto;
-allow cameraserver mm-qcamerad:unix_stream_socket sendto;
-allow cameraserver mm-qcamerad:unix_stream_socket connectto;
-
-
-
-#============r credmgr ==============
-allow credmgr ion_device:chr_file { ioctl open read };
-
-#============= init ==============
-allow init debugfs:file write;
-
-#============= mm-qcamerad ==============
-allow mm-qcamerad system_file:file execmod;
-allow mm-qcamerad system_prop:property_service set;
-allow mm-qcamerad ta_data_file:dir { getattr open read };
-
-#============= qti_init_shell ==============
-allow qti_init_shell tad:unix_stream_socket connectto;
-allow qti_init_shell tad_socket:sock_file write;
-
-#============= scd ==============
-allow scd socket_device:dir { add_name write };
-allow scd socket_device:sock_file { create setattr };
-allow scd sysfs:file { getattr open read };
-
-#============= suntrold ==============
-allow suntrold ion_device:chr_file { ioctl open read };
-
-#============= tad ==============
-allow tad proc:file { open read };
-allow tad rootfs:file { entrypoint read };
-
-#============= taimport ==============
-allow taimport adbsecure_prop:property_service set;
-allow taimport init:unix_stream_socket connectto;
-allow taimport property_socket:sock_file write;
-
-#============= thermanager ==============
-allow thermanager sysfs:file { open read };
-
-#============= wv ==============
-allow wv ion_device:chr_file { ioctl open read };
-allow wv socket_device:sock_file write;
-allow wv suntrold:unix_stream_socket connectto;
-allow wv tad:unix_stream_socket connectto;
-allow wv tad_socket:sock_file write;
-allow wv tee_device:chr_file { ioctl open read write };
-
-
-#============= mm-qcamerad_exec ==============
-allow mm-qcamerad_exec camera_data_file:dir { add_name remove_name search write };
-allow mm-qcamerad_exec camera_data_file:sock_file { create unlink };
-allow mm-qcamerad_exec debug_prop:file { getattr open read };
-allow mm-qcamerad_exec debugfs:dir search;
-allow mm-qcamerad_exec debugfs_trace_marker:file { open write };
-allow mm-qcamerad_exec debugfs_tracing:dir search;
-allow mm-qcamerad_exec default_prop:file { getattr open read };
-allow mm-qcamerad_exec device:dir search;
-allow mm-qcamerad_exec init:fd use;
-allow mm-qcamerad_exec init:process sigchld;
-allow mm-qcamerad_exec ion_device:chr_file { open read };
-allow mm-qcamerad_exec kernel:system module_request;
-allow mm-qcamerad_exec null_device:chr_file { read write };
-allow mm-qcamerad_exec proc:lnk_file read;
-allow mm-qcamerad_exec properties_device:dir { getattr search };
-allow mm-qcamerad_exec properties_serial:file { getattr open read };
-allow mm-qcamerad_exec property_contexts:file { getattr open read };
-allow mm-qcamerad_exec rootfs:lnk_file { getattr read };
-allow mm-qcamerad_exec self:dir { read search };
-allow mm-qcamerad_exec self:file { getattr open read };
-allow mm-qcamerad_exec self:lnk_file read;
-allow mm-qcamerad_exec self:process { fork setsched };
-allow mm-qcamerad_exec self:unix_dgram_socket { bind create read };
-allow mm-qcamerad_exec self:unix_stream_socket { bind connect create listen write };
-allow mm-qcamerad_exec sysfs:dir search;
-allow mm-qcamerad_exec sysfs_devices_system_cpu:dir search;
-allow mm-qcamerad_exec sysfs_devices_system_cpu:file { getattr open read };
-allow mm-qcamerad_exec system_data_file:dir search;
-allow mm-qcamerad_exec urandom_device:chr_file { getattr ioctl open read };
-allow mm-qcamerad_exec video_device:chr_file { ioctl open read write };
-
-
-#============= cameraserver ==============
-allow cameraserver mm-qcamerad_exec:unix_dgram_socket sendto;
-allow cameraserver credmgr:unix_stream_socket connectto;
-allow cameraserver secd_socket:sock_file write;
-