1# ============================================== 2# MTK Policy Rule 3# ============================================== 4# recovery console (used in recovery init.rc for /sbin/recovery) 5 6# Date : WK15.13 7# Operation : UT 8# Purpose : Nand device policy 9allow recovery mtd_device:dir search; 10allow recovery mtd_device:chr_file rw_file_perms; 11allow recovery self:capability sys_resource; 12 13# Date : WK18.16 14# Operation : UT 15# Purpose : Refine policy 16allow recovery misc_sd_device:chr_file rw_file_perms; 17allow recovery vfat:dir r_dir_perms; 18allow recovery vfat:file r_file_perms; 19allow recovery sysfs_devices_block:dir r_dir_perms; 20allow recovery sysfs_devices_block:file rw_file_perms; 21allow recovery sysfs_devices_block:lnk_file r_file_perms; 22 23# Date : WK18.25 24# Operation : UT 25# Purpose : Add policy for therm, gpu, battery, and boot_type 26allow recovery sysfs:dir r_dir_perms; 27allow recovery sysfs_batteryinfo:dir r_dir_perms; 28allow recovery sysfs_boot_type:file r_file_perms; 29allow recovery sysfs_therm:dir r_dir_perms; 30allow recovery sysfs_therm:file r_file_perms; 31allow recovery gpu_device:dir r_dir_perms; 32 33# Date : WK18.09 34# Operation : UT 35# Purpose : Allow recovery can update boot partition 36allow recovery tmpfs:lnk_file r_file_perms; 37 38# Date : WK19.03 39# Operation : UT 40# Purpose : Android Migration 41allow recovery bootdevice_block_device:blk_file rw_file_perms; 42allow recovery self:capability { sys_rawio fsetid }; 43allowxperm recovery bootdevice_block_device:blk_file ioctl { 44 MMC_IOCTLCMD 45 UFS_IOCTLCMD 46}; 47allow recovery block_device:blk_file ioctl; 48allowxperm recovery block_device:blk_file ioctl { 49 BLKIOMIN 50 BLKALIGNOFF 51}; 52allow recovery sysfs_dm:dir search; 53allow recovery sysfs_dm:file r_file_perms; 54allowxperm recovery tmpfs:file ioctl FS_IOC_FIEMAP; 55allowxperm recovery cache_block_device:blk_file ioctl BLKPBSZGET; 56allowxperm recovery nvdata_device:blk_file ioctl BLKPBSZGET; 57allow recovery proc_filesystems:file r_file_perms; 58