1# ============================================== 2# MTK Policy Rule 3# ============================================== 4 5# Purpose: access for SYS_MEMORY_INFO 6allow dumpstate fuse:dir { w_dir_perms }; 7allow dumpstate fuse:file { write create open setattr append }; 8 9# Purpose: mnt/user/* 10allow dumpstate mnt_user_file:dir search; 11allow dumpstate mnt_user_file:lnk_file read; 12 13# Purpose: /storage/* 14allow dumpstate storage_file:lnk_file read; 15 16# Purpose: timer_intval. this is neverallow 17#allow dumpstate app_data_file:dir search; 18allow dumpstate kmsg_device:chr_file r_file_perms; 19 20# Purpose: 21# 01-01 18:00:35.600 7723 7723 I ps : type=1400 audit(0.0:63712): avc: 22# denied { ioctl } for path="/storage/emulated/0/mtklog/aee_exp/temp/db.PQtNt4/ 23# SYS_ALL_THREADS" dev="fuse" ino=209 ioctlcmd=5401 scontext=u:r:dumpstate:s0 24# tcontext=u:object_r:fuse:s0 tclass=file permissive=1 25allow dumpstate fuse:file ioctl; 26 27# Purpose: 28# 01-01 17:59:14.440 7664 7664 I aee_dumpstate: type=1400 audit(0.0:63497): 29# avc: denied { open } for path="/sys/kernel/debug/tracing/tracing_on" dev= 30# "debugfs" ino=2087 scontext=u:r:dumpstate:s0 tcontext=u:object_r: 31# tracing_shell_writable:s0 tclass=file permissive=1 32allow dumpstate debugfs_tracing:file { write read open }; 33allow dumpstate tracing_shell_writable:file { write read open }; 34 35# Data : WK17.03 36# Purpose: Allow to access gpu 37allow dumpstate gpu_device:dir search; 38 39# Date: 2017/07/11 40# Purpose: 01-01 08:30:57.474 286 286 E SELinux : avc: denied { find } for interface= 41# android.hardware.camera.provider::ICameraProvider pid=3133 scontext=u:r:dumpstate:s0 tcontext= 42# u:object_r:hal_camera_hwservice:s0 tclass=hwservice_manager 43#allow dumpstate hal_camera_hwservice:hwservice_manager find; 44