wayne: sepolicy: Add sepolicy for goodix script

Change-Id: Ic8b7dba6a5660c17f5db1c743e5d22f31ae1b1b3
author: TheScarastic <warabhishek@gmail.com> 2018-07-09 20:46:22 +0530
committer: Isaac Chen <isaacchen@isaacchen.cn> 2018-07-31 00:00:10 +0000
commit: 80a669c55aa6709695b0de72ba63a50b61ecb9ae (patch)
tree: ab360bfa4116e6ca721d6d1a97b2f40c7e1f5342 /sepolicy/init_fingerprint.te
parent: cff97f08322836a14c36ab8a5d60ecf1007390ad (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/sepolicy/init_fingerprint.te b/sepolicy/init_fingerprint.te
new file mode 100644
index 0000000..4c27535
--- /dev/null
+++ b/sepolicy/init_fingerprint.te
@@ -0,0 +1,15 @@
+type init_fingerprint, domain;
+type init_fingerprint_exec, exec_type, vendor_file_type, file_type;
+
+# Allow for transition from init domain to init_fingerprint
+init_daemon_domain(init_fingerprint)
+
+# Shell script needs to execute /vendor/bin/sh
+allow init_fingerprint vendor_shell_exec:file rx_file_perms;
+allow init_fingerprint vendor_toolbox_exec:file rx_file_perms;
+
+# Allow to delete file
+allow init_fingerprint persist_file:dir search;
+allow init_fingerprint persist_drm_file:dir { read search open write remove_name };
+allow init_fingerprint persist_drm_file:file { getattr unlink };
+allow init_fingerprint system_data_file:file r_file_perms;
author	TheScarastic <warabhishek@gmail.com>	2018-07-09 20:46:22 +0530
committer	Isaac Chen <isaacchen@isaacchen.cn>	2018-07-31 00:00:10 +0000
commit	80a669c55aa6709695b0de72ba63a50b61ecb9ae (patch)
tree	ab360bfa4116e6ca721d6d1a97b2f40c7e1f5342 /sepolicy/init_fingerprint.te
parent	cff97f08322836a14c36ab8a5d60ecf1007390ad (diff)