Android APK 中启动特定的 bin 服务

首先参考资料: http://www.2cto.com/kf/201412/363630.html

    日前工作中遇到一个需求:要求在启动App时,启动对应的bin 服务,从而使得实现APK作为Client端,而bin 服务作为 Server端 实现两者socket通信。

    首先bin 服务文件是由同事A君负责用C语言编写实现,完成后编译到Android手机的system/bin 目录下,名称为:cloudtestsuited ;

    至于APK则是由本人负责编写实现,利用socket实现两者的通信。

    为了实现打开apk即打开了对应的bin服务,故需要实现在apk中启动bin服务需求。

在本案中是利用通过init.rc启动系统服务来运行对应的bin服务文件;

1.Android启动文件系统后调用的会调用第一个应用程序是/init,此文件一个很重要的内容就是解析了init.rc和init.xxx.rc,然后执行解析出来的任务。而init.rc,可以在系统的初始化过程中进行一些简单的初始化操作。利用这一点,可以编写简单的关机或重启的sh脚本文件,通过系统init解析,执行相应的操作。

以mtk 6795平台工程为例(后文都是此平台),在device/amt/amt6795_evb_m/init.project.rc 文件中添加如下代码:

on post-fs-data //在此节点下添加如下代码
    chmod 0777 /system/bin/cloudtestsuited

on init // 在此节点下添加如下代码
service cloudtestsuited /system/bin/cloudtestsuited
         class main
         oneshot
         disabled

oneshot选项表示该服务只启动一次,而如果没有oneshot选项,这个可执行程序会一直存在--如果可执行程序被杀死,则会重新启动。

disabled 表示禁用服务,此服务开机时不会自动启动,但是可以在应用程序中手动启动它。

参考代码文件:

# MTK project .rc configure

import init.mt6795.usb.rc

on init
    mkdir /mnt/media_rw/usbotg 0700 media_rw media_rw
    mkdir /storage/usbotg 0700 root root

on post-fs-data

#
# Connectivity related device nodes & configuration (begin)
#

#/dev/ttyMT2 for Connectivity BT/FM/GPS usage
    chmod 0660 /dev/ttyMT2
    chown system system /dev/ttyMT2


# STP, WMT, GPS, FM and BT Driver
#   insmod /system/lib/modules/mtk_hif_sdio.ko
#   insmod /system/lib/modules/mtk_stp_wmt.ko
#   insmod /system/lib/modules/mtk_stp_uart.ko
#   insmod /system/lib/modules/mtk_stp_gps.ko
#   insmod /system/lib/modules/mtk_stp_bt.ko
#   insmod /system/lib/modules/mtk_fm_drv.ko
#   insmod /system/lib/modules/mtk_wmt_wifi.ko

#SMB
    chown system system /proc/smb/ScreenComm
    chmod 0660 /proc/smb/ScreenComm
    
# Create char device file for WMT, GPS, BT, FM, WIFI
#    mknod /dev/stpwmt c 190 0;
#    mknod /dev/stpgps c 191 0;
#    mknod /dev/stpbt  c 192 0;

#    chmod 0660 /dev/stpwmt
#    chown system system /dev/stpwmt
    
#    chmod 0660 /dev/wmtdetect
#    chown system system /dev/wmtdetect
 		
    mknod /dev/wmtWifi c 153 0
    chmod 0660 /dev/wmtWifi
    chown system system /dev/wmtWifi
#Camera
    chmod 0660 /dev/MAINAF
    chown system camera /dev/MAINAF

    chmod 0660 /dev/MAINAF2
    chown system camera /dev/MAINAF2

    chmod 0660 /dev/SUBAF
    chown system camera /dev/SUBAF

    chmod 0660 /dev/GAF001AF
    chown system camera /dev/GAF001AF
   
    chmod 0660 /dev/DW9714AF
    chown system camera /dev/DW9714AF
    
    chmod 0660 /dev/AD5820AF
    chown system camera /dev/AD5820AF
    
    chmod 0660 /dev/BU64745GWZAF
    chown system camera /dev/BU64745GWZAF
    
    chmod 0660 /dev/LC898212AF
    chown system camera /dev/LC898212AF

    chmod 0660 /dev/LC898122AF
    chown system camera /dev/LC898122AF

# BT
#    chmod 0660 /dev/stpbt
#    chown bluetooth radio /dev/stpbt

# Add by Janning begin
    chmod 0777 /system/bin/cloudtestsuited
# Add by Janning end

# GPS
#    chown gps gps /dev/stpgps
    chown gps gps /sys/class/gpsdrv/gps/pwrctl
    chown gps gps /sys/class/gpsdrv/gps/suspend
    chown gps gps /sys/class/gpsdrv/gps/state
    chown gps gps /sys/class/gpsdrv/gps/pwrsave
    chown gps gps /sys/class/gpsdrv/gps/status
#    chmod 0660 /dev/stpgps

# WiFi
    mkdir /data/misc/wifi 0770 wifi wifi
    mkdir /data/misc/wifi/sockets 0770 wifi wifi
    mkdir /data/misc/wpa_supplicant 0770 wifi wifi 
    chown wifi wifi /data/misc/wifi

# ANT
	chmod 0660 /dev/stpant
	chown ant radio /dev/stpant

#Disable for one Single loader
# Load WiFi Driver
#   insmod /system/lib/modules/wlan_mt.ko

# Char device for BT 3.0 HS
    mknod /dev/ampc0 c 151 0
    chown bluetooth bluetooth /dev/ampc0
    chmod 0660 /dev/ampc0

#
# Connectivity related device nodes & configuration (end)
#


on init
    # Refer to http://source.android.com/devices/tech/storage/index.html
    # It said, "Starting in Android 4.4, multiple external storage devices are surfaced to developers through 
    #           Context.getExternalFilesDirs(), Context.getExternalCacheDirs(), and Context.getObbDirs().
    #           External storage devices surfaced through these APIs must be a semi-permanent part of the device (such as an SD card slot in a battery compartment).
    #           Developers expect data stored in these locations to be available over long periods of time."
    # Therefore, if the target doesn't support sd hot-plugging (Ex: the SD card slot in a battery compartment), we need to export SECONDARY_STORAGE in 'boot' section
    # 
    # export SECONDARY_STORAGE /storage/sdcard1

service fuse_usbotg /system/bin/sdcard -u 1023 -g 1023 -w 1023 -d /mnt/media_rw/usbotg /storage/usbotg
    class late_start
    disabled

#
# Connectivity related services (Begin)
#

service wmt_loader /system/bin/wmt_loader
	class core
	user root
	group root
	oneshot

service 66xx_launcher /system/bin/6620_launcher -m 4 -p /system/etc/firmware/
    user system
    group system
	class core

on property:service.wcn.coredump.mode=2
start stp_dump

service stp_dump /system/bin/stp_dump3
	user root
	group root
	class core
	disabled
	oneshot

# Add by Janning begin
service cloudtestsuited /system/bin/cloudtestsuited
    class main
    disabled
# Add by Janning end

#
# Connectivity related services (End)
#

2.添加对应的selinux权限

在device\mediatek\common\sepolicy\file_contexts 文件中添加bin服务对应的权限:

# Add by silead begin
/system/bin/cloudtestsuited u:object_r:fpsvcd_exec:s0  //此行
# Add by silead end
device\mediatek\common\sepolicy\ system_app.te 文件中添加bin服务对应的权限:

# Add by silead 2016/03/18 begin
# add for fp.apk create file under '/data/silead/' file path
allow system_app fpsvcd_data_file:dir { create write add_name remove_name read open search};
allow system_app fpsvcd_data_file:file { unlink getattr create write open read };
# add for starting cloudtestsuited in apk
allow system_app fpsvcd_tmpfs:file { read write open getattr };
allow system_app fpsvcd_exec:file { getattr read execute open execute_no_trans };
allow system_app fpsvcd:dir { read open };
allow system_app tmpfs:dir { read write getattr };
# Add by silead 2016/03/18 end
device\mediatek\common\sepolicy\ 目录下新增一个权限 文件fpsvcd.te:
type fpsvcd_exec , exec_type, file_type;
type fpsvcd ,domain;
init_daemon_domain(fpsvcd)

allow fpsvcd fpsvcd:capability { sys_nice dac_override net_admin};
allow fpsvcd fpsvcd:capability2 { block_suspend };
allow fpsvcd init_tmpfs:file {getattr read open};
allow fpsvcd tmpfs:dir { write add_name };
allow fpsvcd fpsvcd_tmpfs:file { write create read open};
allow fpsvcd silead_fp_dev_device:chr_file { read write ioctl open };
allow fpsvcd uhid_device:chr_file { write open ioctl};
allow fpsvcd fpsvcd:netlink_kobject_uevent_socket {create read write setopt bind };
allow fpsvcd sysfs_wake_lock:file {write read open};
allow fpsvcd system_app:dir { read open };
#allow fpsvcd system_data_file:dir { create write add_name read open };
#allow fpsvcd system_data_file:file { create write open read };
allow fpsvcd fpsvcd_data_file:dir { create write add_name remove_name read open search};
allow fpsvcd fpsvcd_data_file:file {unlink getattr create write open read };
#allow fpsvcd silead_data_file:dir { search create write add_name read open };
#allow fpsvcd silead_data_file:file { create write open read getattr };
allow fpsvcd platform_app_tmpfs:file { open read write };
allow fpsvcd fingerprintd:dir { open read  };
allow fpsvcd fuse:dir { search open add_name remove_name read write create};
allow fpsvcd fuse:file { unlink open read write create getattr setattr rename};
allow fpsvcd property_socket:sock_file { write };
allow fpsvcd init:unix_stream_socket { connectto };
allow fpsvcd system_prop:property_service { set }; 
具体参考代码:

#
#############################
# Custom files
/custom(/.*)?		u:object_r:custom_file:s0

/dev/block/mtd(.*)?     u:object_r:mtd_device:s0

#############################
# Executables
# Meta/Factory Mode multi_init
/sbin/multi_init		u:object_r:init_exec:s0


#############################
# Data files
#
/data/aee_exp(/.*)?  u:object_r:aee_exp_data_file:s0
/data/agps_supl(/.*)?    u:object_r:agpsd_data_file:s0
/data/misc/gps(/.*)?   u:object_r:gps_data_file:s0
/data/anr/SF_RTT(/.*)? u:object_r:sf_rtt_file:s0
/data/app/mcRegistry(/.*)? u:object_r:mobicore_data_file:s0
/data/ccci_cfg(/.*)? u:object_r:ccci_cfg_file:s0
/data/flashless(/.*)? u:object_r:c2k_file:s0
/data/core(/.*)? u:object_r:aee_core_data_file:s0
/data/dontpanic(/.*)? u:object_r:dontpanic_data_file:s0
/data/dumpsys(/.*)?    u:object_r:aee_dumpsys_data_file:s0
/data/extmdl(/.*)? u:object_r:mdlog_data_file:s0
/data/http-proxy-cfg(/.*)? u:object_r:http_proxy_cfg_data_file:s0
/data/log_temp(/.*)? u:object_r:logtemp_data_file:s0
/data/lost\+found(/.*)? u:object_r:lost_found_data_file:s0
/data/mdlog(/.*)? u:object_r:mdlog_data_file:s0
/data/mdl(/.*)? u:object_r:mdlog_data_file:s0
/data/mdl3(/.*)? u:object_r:mdlog_data_file:s0
/data/mediaserver(/.*)? u:object_r:mediaserver_data_file:s0
/data/misc/acdapi(/.*)? u:object_r:acdapi_data_file:s0
/data/misc/akmd_set.txt u:object_r:akmd8963_access_file1:s0
/data/misc/mblog(/.*)? u:object_r:logmisc_data_file:s0
/data/misc/xlog(/.*)? u:object_r:xlog_data_file:s0
/data/misc/PDC.ini u:object_r:akmd8963_access_file2:s0
/data/misc/ppp(/.*)? u:object_r:ppp_data_file:s0
/data/.tp(/.*)? u:object_r:thermal_manager_data_file:s0
/data/misc/radvd(/.*)? u:object_r:radvd_data_file:s0
/data/misc/sensor.log		u:object_r:bmm050_sensor_log_file:s0
/data/misc/sensor(/.*)?		u:object_r:sensor_data_file:s0
/data/misc/stp_dump(/.*)? u:object_r:stp_dump_data_file:s0
/data/misc/wide-dhcpv6(/.*)? u:object_r:wide_dhcpv6_data_file:s0
/data/misc/wpa_supplicant(/.*)? u:object_r:wpa_supplicant_data_file:s0
/data/nfc_socket(/.*)? u:object_r:nfc_socket:s0
/data/nvram(/.*)? u:object_r:nvram_data_file:s0
/data/cct(/.*)? u:object_r:cct_data_file:s0
/data/md3(/.*)? u:object_r:c2k_file:s0
/nvdata(/.*)? u:object_r:nvdata_file:s0
/data/SF_dump(./*)? u:object_r:sf_bqdump_data_file:s0
/data/ipsec(./*)? u:object_r:wod_ipsec_conf_file:s0
/data/ipsec/wo(./*)? u:object_r:wod_apn_conf_file:s0
/data/data_tmpfs_log(/.*)? u:object_r:data_tmpfs_log_file:s0
/data/tmp_mnt/data_tmpfs_log(/.*)? u:object_r:data_tmpfs_log_file:s0
/data/setkey.conf        u:object_r:ims_ipsec_data_file:s0
/data/setkey_bak.conf    u:object_r:ims_ipsec_data_file:s0
/data/setkey_latest.conf u:object_r:ims_ipsec_data_file:s0
/data/key_provisioning(/.*)?         u:object_r:key_install_data_file:s0

##########################
# Devices
#
/dev/aal_als(/.*)? u:object_r:aal_als_device:s0
/dev/accdet(/.*)? u:object_r:accdet_device:s0
/dev/AD5820AF(/.*)? u:object_r:AD5820AF_device:s0
/dev/aed[0-9]+ u:object_r:aed_device:s0
/dev/als_ps(/.*)? u:object_r:als_ps_device:s0
/dev/ampc0(/.*)? u:object_r:ampc0_device:s0
/dev/android(/.*)? u:object_r:android_device:s0
/dev/barometer(/.*)? u:object_r:barometer_device:s0
/dev/humidity(/.*)? u:object_r:humidity_device:s0
/dev/block/zram0(/.*)? u:object_r:zram0_device:s0
/dev/bmtpool(/.*)? u:object_r:bmtpool_device:s0
/dev/bootimg(/.*)? u:object_r:bootimg_device:s0
/dev/BOOT(/.*)? u:object_r:BOOT_device:s0
/dev/btif(/.*)? u:object_r:btif_device:s0
/dev/btn(/.*)? u:object_r:btn_device:s0
/dev/BU6429AF(/.*)? u:object_r:BU6429AF_device:s0
/dev/BU64745GWZAF(/.*)? u:object_r:BU64745GWZAF_device:s0
/dev/MAINAF(/.*)? u:object_r:MAINAF_device:s0
/dev/MAIN2AF(/.*)? u:object_r:MAIN2AF_device:s0
/dev/SUBAF(/.*)? u:object_r:SUBAF_device:s0
/dev/cache(/.*)? u:object_r:cache_device:s0
/dev/CAM_CAL_DRV(/.*)? u:object_r:CAM_CAL_DRV_device:s0
/dev/camera-fdvt(/.*)? u:object_r:camera_fdvt_device:s0
/dev/camera-isp(/.*)? u:object_r:camera_isp_device:s0
/dev/camera-pipemgr(/.*)? u:object_r:camera_pipemgr_device:s0
/dev/camera-sysram(/.*)? u:object_r:camera_sysram_device:s0
/dev/ccci_monitor     u:object_r:ccci_monitor_device:s0
/dev/ccci.* u:object_r:ccci_device:s0
/dev/cpu_dma_latency(/.*)? u:object_r:cpu_dma_latency_device:s0
/dev/devmap(/.*)? u:object_r:devmap_device:s0
/dev/dummy_cam_cal(/.*)? u:object_r:dummy_cam_cal_device:s0
/dev/DW9714AF(/.*)? u:object_r:DW9714AF_device:s0
/dev/DW9814AF(/.*)? u:object_r:DW9814AF_device:s0
/dev/AK7345AF(/.*)? u:object_r:AK7345AF_device:s0
/dev/DW9714A(/.*)? u:object_r:DW9714A_device:s0
/dev/DW9718AF(/.*)? u:object_r:DW9718AF_device:s0
/dev/WV511AAF(/.*)? u:object_r:lens_device:s0
/dev/ebc(/.*)? u:object_r:ebc_device:s0
/dev/ebr[0-9]+ u:object_r:ebr_device:s0
/dev/eemcs.* u:object_r:eemcs_device:s0
/dev/emd.* u:object_r:emd_device:s0
/dev/etb        u:object_r:etb_device:s0
/dev/exm0(/.*)? u:object_r:exm0_device:s0
/dev/expdb(/.*)? u:object_r:expdb_device:s0
/dev/fat(/.*)? u:object_r:fat_device:s0
/dev/FM50AF(/.*)? u:object_r:FM50AF_device:s0
/dev/fm(/.*)? u:object_r:fm_device:s0
/dev/gps(/.*)? u:object_r:gps_device:s0
/dev/gsensor(/.*)? u:object_r:gsensor_device:s0
/dev/gyroscope(/.*)? u:object_r:gyroscope_device:s0
/dev/hdmitx(/.*)? u:object_r:graphics_device:s0
/dev/hid-keyboard(/.*)? u:object_r:hid_keyboard_device:s0
/dev/hotknot(/.*)? u:object_r:hotknot_device:s0
/dev/hwmsensor(/.*)? u:object_r:hwmsensor_device:s0
/dev/ion(/.*)? u:object_r:ion_device:s0
/dev/kd_camera_flashlight(/.*)? u:object_r:kd_camera_flashlight_device:s0
/dev/kd_camera_hw_bus2(/.*)? u:object_r:kd_camera_hw_bus2_device:s0
/dev/kd_camera_hw(/.*)? u:object_r:kd_camera_hw_device:s0
/dev/LC898122AF(/.*)? u:object_r:LC898122AF_device:s0
/dev/LC898212AF(/.*)? u:object_r:LC898212AF_device:s0
/dev/logo(/.*)? u:object_r:logo_device:s0
/dev/loop-control(/.*)? u:object_r:loop-control_device:s0
/dev/M4U_device(/.*)? u:object_r:M4U_device_device:s0
/dev/m_acc_misc(/.*)? u:object_r:m_acc_misc_device:s0
/dev/mali.* u:object_r:gpu_device:s0
/dev/MATV(/.*)? u:object_r:MATV_device:s0
/dev/m_batch_misc(/.*)? u:object_r:m_batch_misc_device:s0
/dev/mbr(/.*)? u:object_r:mbr_device:s0
/dev/md32(/.*)? u:object_r:md32_device:s0
/dev/scp(/.*)? u:object_r:scp_device:s0
/dev/met(/.*)? u:object_r:met_device:s0
/dev/misc-sd(/.*)? u:object_r:misc_sd_device:s0
/dev/misc(/.*)? u:object_r:misc_device:s0
/dev/misc2(/.*)? u:object_r:misc2_device:s0
/dev/MJC(/.*)? u:object_r:MJC_device:s0
/dev/m_mag_misc(/.*)? u:object_r:m_mag_misc_device:s0
/dev/mmp(/.*)? u:object_r:mmp_device:s0
/dev/mobicore u:object_r:mobicore_admin_device:s0
/dev/mobicore-user u:object_r:mobicore_user_device:s0
/dev/t-base-tui u:object_r:mobicore_tui_device:s0
/dev/msensor(/.*)? u:object_r:msensor_device:s0
/dev/MT6516_H264_DEC(/.*)? u:object_r:MT6516_H264_DEC_device:s0
/dev/mt6516-IDP(/.*)? u:object_r:mt6516_IDP_device:s0
/dev/MT6516_Int_SRAM(/.*)? u:object_r:MT6516_Int_SRAM_device:s0
/dev/mt6516-isp(/.*)? u:object_r:mt6516_isp_device:s0
/dev/mt6516_jpeg(/.*)? u:object_r:mt6516_jpeg_device:s0
/dev/MT6516_MM_QUEUE(/.*)? u:object_r:MT6516_MM_QUEUE_device:s0
/dev/MT6516_MP4_DEC(/.*)? u:object_r:MT6516_MP4_DEC_device:s0
/dev/MT6516_MP4_ENC(/.*)? u:object_r:MT6516_MP4_ENC_device:s0
/dev/mt6605 u:object_r:mt6605_device:s0
/dev/mt9p012(/.*)? u:object_r:mt9p012_device:s0
/dev/mtfreqhopping(/.*)? u:object_r:mtfreqhopping_device:s0
/dev/mtgpio(/.*)? u:object_r:mtgpio_device:s0
/dev/mtk-adc-cali(/.*)? u:object_r:mtk-adc-cali_device:s0
/dev/mtk_disp.* u:object_r:graphics_device:s0
/dev/mtkfb_vsync(/.*)? u:object_r:graphics_device:s0
/dev/mtkg2d(/.*)? u:object_r:mtkg2d_device:s0
/dev/mtk_jpeg(/.*)? u:object_r:mtk_jpeg_device:s0
/dev/mtk-kpd(/.*)? u:object_r:mtk_kpd_device:s0
/dev/mtk_sched(/.*)? u:object_r:mtk_sched_device:s0
/dev/MTK_SMI(/.*)? u:object_r:MTK_SMI_device:s0
/dev/mtk_rrc(/.*)? u:object_r:mtk_rrc_device:s0
/dev/mt-mdp(/.*)? u:object_r:mt_mdp_device:s0
/dev/mt_otg_test(/.*)? u:object_r:mt_otg_test_device:s0
/dev/MT_pmic_adc_cali        u:object_r:MT_pmic_adc_cali_device:s0
/dev/MT_pmic_adc_cali(/.*)? u:object_r:MT_pmic_cali_device:s0
/dev/MT_pmic(/.*)? u:object_r:MT_pmic_device:s0
/dev/network.* u:object_r:network_device:s0
/dev/nvram(/.*)? u:object_r:nvram_device:s0
/dev/nxpspk(/.*)? u:object_r:smartpa_device:s0
/dev/otp        u:object_r:otp_device:s0
/dev/pmem_multimedia(/.*)? u:object_r:pmem_multimedia_device:s0
/dev/pmt(/.*)? u:object_r:pmt_device:s0
/dev/preloader(/.*)? u:object_r:preloader_device:s0
/dev/pro_info(/.*)? u:object_r:pro_info_device:s0
/dev/protect_f(/.*)? u:object_r:protect_f_device:s0
/dev/protect_s(/.*)? u:object_r:protect_s_device:s0
/dev/psaux(/.*)? u:object_r:psaux_device:s0
/dev/ptmx(/.*)? u:object_r:ptmx_device:s0
/dev/ptyp.* u:object_r:ptyp_device:s0
/dev/pvr_sync(/.*)? u:object_r:gpu_device:s0
/dev/qemu_pipe(/.*)? u:object_r:qemu_pipe_device:s0
/dev/recovery(/.*)? u:object_r:recovery_device:s0
/dev/rfkill(/.*)? u:object_r:rfkill_device:s0
/dev/rtc[0-9]+ u:object_r:rtc_device:s0
/dev/RT_Monitor(/.*)? u:object_r:RT_Monitor_device:s0
/dev/kick_powerkey(/.*)? u:object_r:kick_powerkey_device:s0
/dev/seccfg(/.*)? u:object_r:seccfg_device:s0
/dev/sec_ro(/.*)? u:object_r:sec_ro_device:s0
/dev/sec(/.*)? u:object_r:sec_device:s0
/dev/tee1 u:object_r:tee_part_device:s0
/dev/tee2 u:object_r:tee_part_device:s0
/dev/sensor(/.*)? u:object_r:sensor_device:s0
/dev/smartpa_i2c(/.*)? u:object_r:smartpa1_device:s0
/dev/snapshot(/.*)? u:object_r:snapshot_device:s0
/dev/socket/adbd(/.*)? u:object_r:adbd_socket:s0
/dev/socket/agpsd2(/.*)? u:object_r:agpsd_socket:s0
/dev/socket/agpsd3(/.*)? u:object_r:agpsd_socket:s0
/dev/socket/agpsd(/.*)? u:object_r:agpsd_socket:s0
/dev/socket/atci-audio(/.*)? u:object_r:atci_audio_socket:s0
/dev/socket/atci-serv-fw(/.*)? u:object_r:atci_serv_fw_socket:s0
/dev/socket/atci-service(/.*)? u:object_r:atci_service_socket:s0
/dev/socket/backuprestore(/.*)? u:object_r:backuprestore_socket:s0
/dev/socket/dfo(/.*)? u:object_r:dfo_socket:s0
/dev/socket/dnsproxyd(/.*)? u:object_r:dnsproxyd_socket:s0
/dev/socket/dumpstate(/.*)? u:object_r:dumpstate_socket:s0
/dev/socket/installd(/.*)? u:object_r:installd_socket:s0
/dev/socket/mdnsd(/.*)? u:object_r:mdnsd_socket:s0
/dev/socket/mdns(/.*)? u:object_r:mdns_socket:s0
/dev/socket/mnld(/.*)? u:object_r:mnld_socket:s0
/dev/socket/mtpd(/.*)? u:object_r:mtpd_socket:s0
/dev/socket/netdiag(/.*)? u:object_r:netdiag_socket:s0
/dev/socket/netd(/.*)? u:object_r:netd_socket:s0
/dev/socket/racoon(/.*)? u:object_r:racoon_socket:s0
/dev/socket/rild2-md2(/.*)? u:object_r:rild2_md2_socket:s0
/dev/socket/rild2(/.*)? u:object_r:rild2_socket:s0
/dev/socket/rild3(/.*)? u:object_r:rild3_socket:s0
/dev/socket/rild4(/.*)? u:object_r:rild4_socket:s0
/dev/socket/rild-mal(/.*)? u:object_r:rild_mal_socket:s0
/dev/socket/rild-mal-at(/.*)? u:object_r:rild_mal_at_socket:s0
/dev/socket/rild-mal-md2(/.*)? u:object_r:rild_mal_md2_socket:s0
/dev/socket/rild-mal-at-md2(/.*)? u:object_r:rild_mal_at_md2_socket:s0
/dev/socket/rild-ims(/.*)? u:object_r:rild_ims_socket:s0
/dev/socket/volte_imsm(/.*)? u:object_r:rild_imsm_socket:s0
/dev/socket/rild-atci-md2(/.*)? u:object_r:rild_atci_md2_socket:s0
/dev/socket/rild-atci(/.*)? u:object_r:rild_atci_socket:s0
/dev/socket/rild-vsim(/.*)? u:object_r:rild_vsim_socket:s0
/dev/socket/rild-vsim-md2(/.*)? u:object_r:rild_vsim_md2_socket:s0
/dev/socket/rild-ctclient u:object_r:rild_ctclient_socket:s0
/dev/socket/rild-debug-md2(/.*)? u:object_r:rild_debug_md2_socket:s0
/dev/socket/rild-debug(/.*)? u:object_r:rild_debug_socket:s0
/dev/socket/rild-dongle(/.*)? u:object_r:rild-dongle_socket:s0
/dev/socket/rild-md2(/.*)? u:object_r:rild_md2_socket:s0
/dev/socket/rild-mtk-modem-md2(/.*)? u:object_r:rild_mtk_modem_md2_socket:s0
/dev/socket/rild-mtk-modem(/.*)? u:object_r:rild_mtk_modem_socket:s0
/dev/socket/rild-mtk-ut-2-md2(/.*)? u:object_r:rild_mtk_ut_2_md2_socket:s0
/dev/socket/rild-mtk-ut-2(/.*)? u:object_r:rild_mtk_ut_2_socket:s0
/dev/socket/rild-mtk-ut-md2(/.*)? u:object_r:rild_mtk_ut_md2_socket:s0
/dev/socket/rild-mtk-ut(/.*)? u:object_r:rild_mtk_ut_socket:s0
/dev/socket/rild-oem-md2(/.*)? u:object_r:rild_oem_md2_socket:s0
/dev/socket/rild-oem(/.*)? u:object_r:rild_oem_socket:s0
/dev/socket/rild(/.*)? u:object_r:rild_socket:s0
/dev/socket/rild-via u:object_r:rild_via_socket:s0
/dev/socket/rild-atci-c2k(/.*)? u:object_r:rild_atci_c2k_socket:s0
/dev/socket/mal-mfi(/.*)? u:object_r:mal_mfi_socket:s0
/dev/socket/rpc u:object_r:rpc_socket:s0
/dev/socket/soc_vt_stk(/.*)? u:object_r:soc_vt_stk_socket:s0
/dev/socket/soc_vt_svc(/.*)? u:object_r:soc_vt_svc_socket:s0
/dev/socket/soc_vt_tcv(/.*)? u:object_r:soc_vt_tcv_socket:s0
/dev/socket/statusd u:object_r:statusd_socket:s0
/dev/socket/sysctl(/.*)? u:object_r:sysctl_socket:s0
/dev/socket/vold(/.*)? u:object_r:vold_socket:s0
/dev/socket/volte_stack(/.*)? u:object_r:volte_stack_socket:s0
/dev/socket/volte_imcb(/.*)? u:object_r:volte_imcb_socket:s0
/dev/socket/volte_ua(/.*)? u:object_r:volte_ua_socket:s0
/dev/socket/volte_imsa1(/.*)? u:object_r:volte_imsa1_socket:s0
/dev/socket/volte_imsvt1(/.*)? u:object_r:volte_imsvt1_socket:s0
/dev/socket/wpa_wlan0(/.*)? u:object_r:wpa_wlan0_socket:s0
/dev/socket/zygote(/.*)? u:object_r:zygote_socket:s0
/dev/socket/wod_action(/.*)? u:object_r:wod_action_socket:s0
/dev/socket/wod_sim(/.*)? u:object_r:wod_sim_socket:s0
/dev/socket/wod_ipsec(/.*)? u:object_r:wod_ipsec_socket:s0
/dev/socket/tunman(/.*)? u:object_r:tunman_socket:s0
/dev/stpant(/.*)? u:object_r:stpant_device:s0
/dev/stpbt(/.*)? u:object_r:stpbt_device:s0
/dev/stpgps        u:object_r:mnld_device:s0
/dev/stpgps(/.*)? u:object_r:stpgps_device:s0
/dev/stpwmt(/.*)? u:object_r:stpwmt_device:s0
/dev/sw_sync(/.*)? u:object_r:sw_sync_device:s0
/dev/tgt(/.*)? u:object_r:tgt_device:s0
/dev/touch(/.*)? u:object_r:touch_device:s0
/dev/tpd_em_log(/.*)? u:object_r:tpd_em_log_device:s0
/dev/ttyC0         u:object_r:gsm0710muxd_device:s0
/dev/ttyC1 u:object_r:mdlog_device:s0
/dev/ttyC2         u:object_r:agps_device:s0
/dev/ttyC3 u:object_r:icusb_device:s0
/dev/ttyGS.* u:object_r:ttyGS_device:s0
/dev/ttyMT.* u:object_r:ttyMT_device:s0
/dev/ttyp.* u:object_r:ttyp_device:s0
/dev/ttySDIO.* u:object_r:ttySDIO_device:s0
/dev/ttyUSB0         u:object_r:tty_device:s0
/dev/ttyUSB1         u:object_r:tty_device:s0
/dev/ttyUSB2         u:object_r:tty_device:s0
/dev/ttyUSB3         u:object_r:tty_device:s0
/dev/ttyUSB4         u:object_r:tty_device:s0
/dev/TV-out(/.*)? u:object_r:TV_out_device:s0
/dev/ubi_ctrl u:object_r:mtd_device:s0
/dev/ubi[_0-9]* u:object_r:mtd_device:s0
/dev/uboot(/.*)? u:object_r:uboot_device:s0
/dev/uibc(/.*)? u:object_r:uibc_device:s0
/dev/uinput(/.*)? u:object_r:uinput_device:s0
/dev/uio0(/.*)? u:object_r:uio0_device:s0
/dev/usrdata(/.*)? u:object_r:usrdata_device:s0
/dev/Vcodec(/.*)? u:object_r:Vcodec_device:s0
/dev/vmodem u:object_r:vmodem_device:s0
/dev/vow(/.*)? u:object_r:vow_device:s0
/dev/wmtdetect(/.*)? u:object_r:wmtdetect_device:s0
/dev/wmtWifi(/.*)? u:object_r:wmtWifi_device:s0
/dev/xlog u:object_r:xlog_device:s0
/dev/offloadservice(/.*)? u:object_r:offloadservice_device:s0
/dev/irtx u:object_r:irtx_device:s0
/dev/spm(/.*)? u:object_r:spm_device:s0

# Add by silead begin
/dev/silead_fp_dev(/.*)?  u:object_r:silead_fp_dev_device:s0
# Add by silead end

/dev/xt_qtaguid(/.*)? u:object_r:xt_qtaguid_device:s0
/dev/pmic_ftm(/.*)? u:object_r:pmic_ftm_device:s0
/dev/shf  u:object_r:shf_device:s0
/dev/block/platform/mtk-msdc\.0/by-name/proinfo  u:object_r:nvram_device:s0
/dev/block/platform/mtk-msdc\.0/by-name/nvram  u:object_r:nvram_device:s0
/dev/block/platform/mtk-msdc\.0/by-name/nvdata u:object_r:nvdata_device:s0
/dev/block/platform/mtk-msdc\.0/by-name/frp  u:object_r:frp_block_device:s0
/dev/block/platform/mtk-msdc\.0/by-name/expdb u:object_r:expdb_block_device:s0
/dev/block/platform/mtk-msdc\.0/by-name/misc2 u:object_r:misc2_block_device:s0
/dev/block/platform/mtk-msdc\.0/by-name/logo u:object_r:logo_block_device:s0
/dev/block/platform/mtk-msdc\.0/by-name/para u:object_r:para_block_device:s0
/dev/block/platform/mtk-msdc\.0/by-name/tee1 u:object_r:tee_block_device:s0
/dev/block/platform/mtk-msdc\.0/by-name/tee2 u:object_r:tee_block_device:s0
/dev/block/platform/mtk-msdc\.0/by-name/seccfg u:object_r:seccfg_block_device:s0
/dev/block/platform/mtk-msdc\.0/by-name/secro u:object_r:secro_block_device:s0
/dev/block/platform/mtk-msdc\.0/by-name/userdata u:object_r:userdata_block_device:s0
/dev/block/platform/mtk-msdc\.0/by-name/cache u:object_r:cache_block_device:s0
/dev/block/platform/mtk-msdc\.0/by-name/recovery u:object_r:recovery_block_device:s0
/dev/block/mmcblk0boot0 u:object_r:preloader_block_device:s0
/dev/block/mmcblk0boot1 u:object_r:preloader_block_device:s0
/dev/block/mmcblk0 u:object_r:mmcblk0_block_device:s0
/dev/block/mmcblk1 u:object_r:mmcblk1_block_device:s0
/dev/block/mmcblk1p1 u:object_r:mmcblk1p1_block_device:s0

/protect_f(/.*)?         u:object_r:protect_f_data_file:s0
/protect_s(/.*)?         u:object_r:protect_s_data_file:s0
/persist(/.*)?         u:object_r:persist_data_file:s0
/dev/ttyACM0        u:object_r:ttyACM_device:s0
/dev/hrm       u:object_r:hrm_device:s0
/dev/trusty-ipc-dev0 u:object_r:tee_device:s0

#############################
# sysfs files
#
/sys/bus/platform/drivers/gyrocope/chipinfo  u:object_r:gyroscope_mpud6050_chipinfo:s0
/sys/bus/platform/drivers/gyrocope/status  u:object_r:gyroscope_mpud6050_status:s0
/sys/bus/platform/drivers/msensor/daemon2 u:object_r:msensord_daemon2:s0
/sys/bus/platform/drivers/msensor/daemon u:object_r:msensord_daemon:s0
/sys/class/i2c-adapter/(/.*)?  u:object_r:gyroscope_mpud6050_use:s0
/sys/class/invensense_daemon_class/invensense_daemon_device(/.*)?  u:object_r:gyroscope_mpud6050_file:s0
/sys/devices/platform/gsensor/driver(/.*)?	u:object_r:sysfs_gsensor_file:s0
/sys/devices/platform/msensor/driver(/.*)?	u:object_r:sysfs_msensor_file:s0
/sys/bus/platform/drivers/mtk-kpd(/.*)?	u:object_r:sysfs_keypad_file:s0
/sys/power/vcorefs/pwr_ctrl -- u:object_r:sysfs_vcorefs_pwrctrl:s0
/sys/devices/virtual/misc/scp(/.*)?  u:object_r:sysfs_scp:s0


#############################
# System files
#
/system/app/mcRegistry(/.*)? u:object_r:mobicore_data_file:s0
/system/bin/6620_launcher u:object_r:mtk_6620_launcher_exec:s0
/system/bin/stp_dump3 u:object_r:stp_dump3_exec:s0
/system/bin/aal u:object_r:aal_exec:s0
/system/bin/aee_core_forwarder u:object_r:aee_core_forwarder_exec:s0
/system/bin/akmd09911 u:object_r:akmd09911_exec:s0
/system/bin/akmd09912 u:object_r:akmd09912_exec:s0
/system/bin/akmd8963 u:object_r:akmd8963_exec:s0
/system/bin/akmd8975 u:object_r:akmd8975_exec:s0
/system/bin/ami304d u:object_r:ami304d_exec:s0
/system/bin/atcid u:object_r:atcid_exec:s0
/system/bin/atci_service u:object_r:atci_service_exec:s0
/system/bin/audiocmdservice_atci u:object_r:audiocmdservice_atci_exec:s0
/system/bin/autokd u:object_r:autokd_exec:s0
/system/bin/batterywarning u:object_r:batterywarning_exec:s0
/system/bin/bmm050d u:object_r:bmm050d_exec:s0
/system/bin/bmm056d u:object_r:bmm056d_exec:s0
/system/bin/boot_logo_updater u:object_r:boot_logo_updater_exec:s0
/system/bin/br_app_data_service u:object_r:br_app_data_service_exec:s0
/system/bin/ccci_fsd u:object_r:ccci_fsd_exec:s0
/system/bin/ccci_mdinit u:object_r:ccci_mdinit_exec:s0
/system/bin/ccci_rpcd u:object_r:ccci_rpcd_exec:s0
/system/bin/dhcp6c u:object_r:dhcp6c_exec:s0
/system/bin/dm_agent_binder u:object_r:dm_agent_binder_exec:s0
/system/bin/dmlog u:object_r:dmlog_exec:s0
/system/bin/dongled u:object_r:usbdongled_exec:s0
/system/bin/eemcs_fsd u:object_r:eemcs_fsd_exec:s0
/system/bin/eemcs_mdinit u:object_r:eemcs_mdinit_exec:s0
/system/bin/emdlogger[0-9]+ u:object_r:emdlogger_exec:s0
/system/bin/em_svr u:object_r:em_svr_exec:s0
/system/bin/factory u:object_r:factory_exec:s0
/system/bin/flashlessd u:object_r:flashlessd_exec:s0
/system/bin/fuelgauged u:object_r:fuelgauged_exec:s0
/system/bin/ged_srv u:object_r:ged_srv_exec:s0
/system/bin/gas_srv    u:object_r:gas_srv_exec:s0
/system/bin/kpoc_charger u:object_r:kpoc_charger_exec:s0
/system/bin/geomagneticd u:object_r:geomagneticd_exec:s0
/system/bin/GoogleOtaBinder u:object_r:GoogleOtaBinder_exec:s0
/system/bin/gsm0710muxdmd2 u:object_r:gsm0710muxdmd2_exec:s0
/system/bin/gsm0710muxd u:object_r:gsm0710muxd_exec:s0
/system/bin/guiext-server u:object_r:guiext-server_exec:s0
/system/bin/icusbd u:object_r:icusbd_exec:s0
/system/bin/init.gprs-pppd u:object_r:zpppd_gprs_exec:s0
/system/bin/ipod u:object_r:ipod_exec:s0
/system/bin/ipo_swap u:object_r:ipo_swap_exec:s0
/system/bin/launchpppoe u:object_r:launchpppoe_exec:s0
/system/bin/matv u:object_r:matv_exec:s0
/system/bin/mc6420d u:object_r:mc6420d_exec:s0
/system/bin/mcDriverDaemon u:object_r:mobicore_exec:s0
/system/bin/mdlogger u:object_r:mdlogger_exec:s0
/system/bin/memsicd3416x u:object_r:memsicd3416x_exec:s0
/system/bin/memsicd u:object_r:memsicd_exec:s0
/system/bin/meta_tst u:object_r:meta_tst_exec:s0
 
/system/bin/mmc_ffu u:object_r:mmc_ffu_exec:s0
/system/bin/emmc_rw_debug u:object_r:emmc_rw_debug_exec:s0
/system/bin/mvg_app u:object_r:mvg_app_exec:s0
/system/bin/mmp u:object_r:mmp_exec:s0
/system/bin/mobile_log_d u:object_r:mobile_log_d_exec:s0
/system/bin/mpud6050 u:object_r:mpud6050_exec:s0
/system/bin/msensord u:object_r:msensord_exec:s0
/system/bin/mtk_agpsd u:object_r:mtk_agpsd_exec:s0
/system/bin/MtkCodecService u:object_r:MtkCodecService_exec:s0
/system/bin/mtkrildmd2 u:object_r:mtkrildmd2_exec:s0
/system/bin/mtkrild u:object_r:mtkrild_exec:s0
/system/bin/muxreport u:object_r:muxreport_exec:s0
/system/bin/netdiag u:object_r:netdiag_exec:s0
/system/bin/nvram_agent_binder u:object_r:nvram_agent_binder_exec:s0
/system/bin/nvram_daemon u:object_r:nvram_daemon_exec:s0
/system/bin/orientationd u:object_r:orientationd_exec:s0
/system/bin/permission_check u:object_r:permission_check_exec:s0
/system/bin/poad u:object_r:poad_exec:s0
/system/bin/ppl_agent u:object_r:ppl_agent_exec:s0
/system/bin/pppd_dt u:object_r:pppd_dt_exec:s0
/system/bin/pppd_via u:object_r:pppd_via_exec:s0
/system/bin/pq u:object_r:pq_exec:s0
/system/bin/program_binary_service u:object_r:program_binary_exec:s0
/system/bin/resize2fs  --  u:object_r:resize_exec:s0
/system/bin/resize_ext4  --  u:object_r:resize_exec:s0
/system/bin/resmon u:object_r:resmon_exec:s0
/system/bin/rild_dongle u:object_r:ril-3gddaemon_exec:s0
/system/bin/s62xd u:object_r:s62xd_exec:s0
/system/bin/slpd u:object_r:slpd_exec:s0
/system/bin/sn u:object_r:sn_exec:s0
/system/bin/statusd u:object_r:statusd_exec:s0
/system/bin/terservice u:object_r:terservice_exec:s0
/system/bin/thermald u:object_r:thermald_exec:s0
/system/bin/thermal_manager u:object_r:thermal_manager_exec:s0
/system/bin/thermalloadalgod u:object_r:thermalloadalgod_exec:s0  
/system/bin/thermal u:object_r:thermal_exec:s0
/system/bin/tiny_mkswap u:object_r:tiny_mkswap_exec:s0
/system/bin/tiny_swapon u:object_r:tiny_swapon_exec:s0
/system/bin/tune2fs u:object_r:tune2fs_exec:s0
/system/bin/viarild u:object_r:viarild_exec:s0
/system/bin/volte_imcb u:object_r:volte_imcb_exec:s0
/system/bin/volte_stack u:object_r:volte_stack_exec:s0
/system/bin/volte_ua u:object_r:volte_ua_exec:s0
/system/bin/wfca u:object_r:wfca_exec:s0
/system/bin/mtkmal u:object_r:mtkmal_exec:s0
/system/bin/wifi2agps u:object_r:wifi2agps_exec:s0
/system/bin/wmt_loader u:object_r:wmt_loader_exec:s0
/system/bin/xlog u:object_r:xlog_exec:s0
/system/bin/sbchk u:object_r:sbchk_exec:s0
/system/bin/OperaMaxSystem u:object_r:tunman_exec:s0
/system/etc/sensor(/.*)?	u:object_r:system_sensor_data_file:s0
/system/vendor/bin/pvrsrvctl u:object_r:pvrsrvctl_exec:s0
/system/xbin/BGW u:object_r:BGW_exec:s0
/system/xbin/mnld u:object_r:mnld_exec:s0
/system/bin/md_ctrl u:object_r:md_ctrl_exec:s0
/system/bin/cmddumper u:object_r:cmddumper_exec:s0
/system/bin/epdg_wod u:object_r:epdg_wod_exec:s0
/system/bin/ipsec u:object_r:ipsec_exec:s0
/system/bin/charon u:object_r:charon_exec:s0
/system/bin/starter u:object_r:starter_exec:s0
/system/bin/stroke u:object_r:stroke_exec:s0
/system/bin/istd8303 u:object_r:istd8303_exec:s0
/system/bin/spm_loader u:object_r:spm_loader_exec:s0
/system/bin/vtservice u:object_r:vtservice_exec:s0
/system/bin/hotknot_native_service u:object_r:hotknot_native_exec:s0
/system/bin/pppd_btdun u:object_r:pppd_btdun_exec:s0

# Add by silead begin
/system/bin/fpsvcd u:object_r:fpsvcd_exec:s0
/system/bin/fpfslockd u:object_r:fpsvcd_exec:s0
/system/bin/cloudtestsuited u:object_r:fpsvcd_exec:s0
/system/bin/checksilead u:object_r:fpsvcd_exec:s0
# Add by silead end

# Wallpaper file for smartbook
/data/system/users/[0-9]+/smartbook_wallpaper	u:object_r:wallpaper_file:s0

#fat on nand image
/fat(/.*)?  u:object_r:fon_image_data_file:s0
type fpsvcd_exec , exec_type, file_type;
type fpsvcd ,domain;
init_daemon_domain(fpsvcd)

allow fpsvcd fpsvcd:capability { sys_nice dac_override net_admin};
allow fpsvcd fpsvcd:capability2 { block_suspend };
allow fpsvcd init_tmpfs:file {getattr read open};
allow fpsvcd tmpfs:dir { write add_name };
allow fpsvcd fpsvcd_tmpfs:file { write create read open};
allow fpsvcd silead_fp_dev_device:chr_file { read write ioctl open };
allow fpsvcd uhid_device:chr_file { write open ioctl};
allow fpsvcd fpsvcd:netlink_kobject_uevent_socket {create read write setopt bind };
allow fpsvcd sysfs_wake_lock:file {write read open};
allow fpsvcd system_app:dir { read open };
#allow fpsvcd system_data_file:dir { create write add_name read open };
#allow fpsvcd system_data_file:file { create write open read };
allow fpsvcd fpsvcd_data_file:dir { create write add_name remove_name read open search};
allow fpsvcd fpsvcd_data_file:file {unlink getattr create write open read };
#allow fpsvcd silead_data_file:dir { search create write add_name read open };
#allow fpsvcd silead_data_file:file { create write open read getattr };
allow fpsvcd platform_app_tmpfs:file { open read write };
allow fpsvcd fingerprintd:dir { open read  };
allow fpsvcd fuse:dir { search open add_name remove_name read write create};
allow fpsvcd fuse:file { unlink open read write create getattr setattr rename};
allow fpsvcd property_socket:sock_file { write };
allow fpsvcd init:unix_stream_socket { connectto };
allow fpsvcd system_prop:property_service { set }; 
# ==============================================
# MTK Policy Rule
# ==============================================

# permissive system_app;
typeattribute system_app mlstrustedsubject;


# Date : 2014/07/31
# Stage: BaseUT
# Purpose :[CdsInfo][CdsInfo uses net shell commands to get network information and write WI-FI MAC address by NVRAM]
# Package Name: com.mediatek.connectivity
allow system_app nvram_agent_binder:binder call;

# Date: 2014/08/01
# Operation: BaseUT
# Purpose: [Settings][Settings used list views need velocity tracker access touch dev]
# Package: com.android.settings
allow system_app touch_device:chr_file { read ioctl open };

# Date: 2014/08/04
# Stage: BaseUT
# Purpose: [MTKThermalManager][View thermal zones and coolers, and change thermal policies]
# Package Name: com.mediatek.mtkthermalmanager
allow system_app apk_private_data_file:dir getattr;
allow system_app asec_image_file:dir getattr;
allow system_app dontpanic_data_file:dir getattr;
allow system_app drm_data_file:dir getattr;
allow system_app install_data_file:file getattr;
allow system_app lost_found_data_file:dir getattr;
allow system_app media_data_file:dir getattr;
allow system_app property_data_file:dir getattr;
allow system_app shell_data_file:dir search;
allow system_app thermal_manager_exec:file { read execute open execute_no_trans };
allow system_app proc_thermal:dir search;
allow system_app proc_thermal:file { read getattr open write };
allow system_app proc_mtkcooler:dir search;
allow system_app proc_mtkcooler:file { read getattr open write };
allow system_app proc_mtktz:dir search;
allow system_app proc_mtktz:file  { read getattr open write };
allow system_app proc_slogger:file { read getattr open write };

# Date: 2014/08/21
# Stage: BaseUT
# Purpose: [AtciService][Atci Service will use atci_serv_fw_socket to connect to atci_service which in native layer]
# Package Name: com.mediatek.atci.service
allow system_app atci_serv_fw_socket:sock_file write;
allow system_app atci_service:unix_stream_socket connectto;

# Date: 2014/08/29
# Stage: BaseUT
# Purpose: [BatteryWarning][View update graphics]
# Package Name: com.mediatek.batterywarning
allow system_app guiext-server:binder { transfer call };

# Date: 2015/07/24
# Stage: BaseUT
# Purpose: [HotKnot][HotKnot service will add into ServiceManager]
# Package Name: com.mediatek.hotknot.service
allow system_app mtk_hotknot_service:service_manager add;

# Date: 2014/09/02
# Operation: BaseUT
# Purpose: [HotKnot][HotKnot service will use hoknot device node]
# Package: com.mediatek.hotknot.service
allow system_app hotknot_device:chr_file { read write ioctl open };

# Date: 2014/09/02
# Operation: BaseUT
# Purpose: [HotKnot][HotKnot service will use devmap_device device node]
# Package: com.mediatek.hotknot.service
allow system_app devmap_device:chr_file { read ioctl open };

# Date: 2014/09/02
# Operation: BaseUT
# Purpose: [HotKnot][HotKnot service will use mtkfb device node]
# Package: com.mediatek.hotknot.service
allow system_app graphics_device:chr_file { read write ioctl open };
allow system_app graphics_device:dir search;

# Data : 2014/09/09
# Operation : Migration
# Purpose : [Privacy protection lock][com.mediatek.ppl need to bind ppl_agent service to read/write nvram file]
# Package name : com.mediatek.ppl

allow system_app ppl_agent:binder call;

# Date: 2014/10/7
# Operation: SQC
# Purpose: [sysoper][sysoper will create folder /cache/recovery]
# Package: com.mediatek.systemupdate.sysoper
allow system_app cache_file:dir { write create add_name };
allow system_app cache_file:file { write create open };

# Date : 2014/10/08
# Operation : BaseUT
# Purpose : [op01 agps setting][mtk_agpsd establishes the local socket as agpsd for all A-GPS 
#           application to do something with mtk_agpsd in system app]
# Package: com.mediatek.op01.plugin
unix_socket_connect(system_app, agpsd, mtk_agpsd);

# Date : 2014/10/28
# Operation: SQC
# Purpose : ALPS01761930
# Package: com.android.settings
allow system_app asec_apk_file:file r_file_perms;

# Date : WK14.46
# Operation : Migration
# Purpose : for MTK Emulator HW GPU
allow system_app qemu_pipe_device:chr_file rw_file_perms;

# Date : WK14.46
# Operation : Migration
# Package: org.simalliance.openmobileapi.service
# Purpose : ALPS01820916, for SmartcardService
allow system_app system_app_data_file:file execute;

# Date : 2014/11/17
# Operation: SQC
# Purpose : [Settings][Battery module will call batterystats API, and it will read /sys/kernel/debug/wakeup_sources]
# Package: com.android.settings
allow system_app debugfs:file r_file_perms;

# Date : 2014/11/18
# Operation : SQC
# Purpose : for oma dm fota recovery update
allow system_app ctl_rbfota_prop:property_service set;

# Date : 2014/11/19
# Operation: SQC
# Purpose: [Settings][RenderThread][operate device file failed]
# Package: com.android.settings
allow system_app proc_secmem:file rw_file_perms;

# Date : 2014/11/20
# Operation: SQC
# Purpose: [Settings][Developer options module will communicate with all Services through binder call]
# Package: com.android.settings
binder_call(system_app, MtkCodecService)

# Date : 2014/11/26
# Operation: SQC
# Purpose: [Settings][Browser][warning kernel API'selinux enforce violation:sdcardd' when do stress test with ' AT_ST_Browser_Test.rar']
# Package: com.android.settings
allow system_app platform_app_tmpfs:file write;

# Date : 2015/01/13
# Operation: SQC
# Purpose: access ashmem of isolated_app
# Package: com.fw.upgrade.sysoper
dontaudit system_app isolated_app_tmpfs:file write;

# Date : 2015/01/14
# Operation: SQC
# Purpose: access ashmem of untrusted_app
# Package: android.ui
dontaudit system_app untrusted_app_tmpfs:file write;

# Date : 2015/01/27
# Operation: SQC
# Purpose: It's not normal behavior, that system_app want to access radio_file_data
# Package: android.ui
dontaudit system_app radio_data_file:dir search;

# Date : WK15.30
# Operation : Migration
# Purpose : for device bring up, not to block early migration/sanity
allow system_app system_app_service:service_manager add;
allow system_app drmserver:drmservice openDecryptSession;

# Date: 2015/07/24
# Stage: Migration
# Purpose: [MTKThermalManager][View thermal zones and coolers, and change thermal policies]
# Package Name: com.mediatek.mtkthermalmanager
allow system_app thermal_manager_data_file:file { open getattr read write create};
allow system_app thermal_manager_data_file:file { open setattr lock };
allow system_app thermal_manager_data_file:dir { search getattr open read write setattr add_name };

# Add by silead 2016/03/18 begin
# add for fp.apk create file under '/data/silead/' file path
allow system_app fpsvcd_data_file:dir { create write add_name remove_name read open search};
allow system_app fpsvcd_data_file:file { unlink getattr create write open read };
# add for starting cloudtestsuited in apk
allow system_app fpsvcd_tmpfs:file { read write open getattr };
allow system_app fpsvcd_exec:file { getattr read execute open execute_no_trans };
allow system_app fpsvcd:dir { read open };
allow system_app tmpfs:dir { read write getattr };
# Add by silead 2016/03/18 end

# Date: 2015/09/10
# Stage: Migration
# Purpose: [HotKnot] Allow HotKnot service to start/stop hotknot_native_service
allow system_app hotknot_prop:property_service set;

3. 最后就是在应用中启动该bin服务,有两种方式:

一,可以在init.rc中在声明service 前 添加一行代码,

           on property:sys.service.silead=enabled
                   start cloudtestsuited

      然后再apk中就可以执行如下代码,前提是apk具有platform签名,system权限:

//启动bin服务
             case R.id.shutdown_btn2:
                 Log.v(TAG, "system service->shutdown" );
                 SystemProperties.set( "sys.service.silead" , "enabled" );
                 break ;

       二, 可以在代码中直接通过调用cmd命令的方式启动bin服务:

      参考代码:

      


    private void startCloudServer() {
        new Thread(new Runnable() {
            @Override
            public void run() {
                try {
                    Log.v(Const.TAG_LOG, TAG
                            + " startCloudServer->getRuntime cloudtestsuited");
                    //String[] cmd = new String[] { "su", "-c", "cloudtestsuited" };
                    String[] cmd = new String[] { "sh", "-c", "cloudtestsuited" };
                    //Process proc = Runtime.getRuntime().exec(cmd);
                    //proc.waitFor();
                    excuteCmd_multiThread(cmd);
                } catch (Exception e) {
                    Log.e(Const.TAG_LOG, TAG
                            + " startCloudServer occurs exception, ", e);
                }
                try {
                    Log.v(Const.TAG_LOG, TAG
                            + " startCloudServer->SystemProperties cloudtestsuited");
                    //SystemProperties.set("ctl.start", "ztstartsileadcloudtest");
                } catch (Exception e) {
                    Log.e(Const.TAG_LOG, TAG
                            + " startCloudServer occurs exception, ", e);
                }
            }

        }).start();
    }

    private void excuteCmd_multiThread(String[] cmd) {
        try {
            Process proc = Runtime.getRuntime().exec(cmd);
            Thread errorThread = new Thread(new InputStreamRunnable(
                    proc.getErrorStream(), "ErrorStream"));
            errorThread.start();
            Thread outputThread = new Thread(new InputStreamRunnable(
                    proc.getInputStream(), "OutputStream"));
            outputThread.start();
            proc.waitFor();
        } catch (InterruptedException e) {
            Log.e(Const.TAG_LOG, TAG
                    + " excuteCmd_multiThread occurs InterruptedException, ", e);
        } catch (IOException e) {
            Log.e(Const.TAG_LOG, TAG
                    + " excuteCmd_multiThread occurs IOException, ", e);
        }
    }

    private class InputStreamRunnable implements Runnable {
        BufferedReader bReader = null;
        String type = null;

        public InputStreamRunnable(InputStream is, String typeCode) {
            try {
                type = typeCode;
                bReader = new BufferedReader(new InputStreamReader(
                        new BufferedInputStream(is), "UTF-8"));
            } catch (Exception e) {
                Log.e(Const.TAG_LOG, TAG
                        + " InputStreamRunnable occurs exception, ", e);
            }
        }

        @Override
        public void run() {
            String line;
            int lineNum = 0;
            try {
                while ((line = bReader.readLine()) != null) {
                    if ("ErrorStream".equals(type)) {
                        Log.e("FpCloudServer ERROR", line);
                    } else if ("OutputStream".equals(type)) {
                        Log.i("FpCloudServer Output", line);
                    } else {
                        Log.v("FpCloudServer debug", line);
                    }
                    lineNum++;
                }
                if (bReader != null) {
                    bReader.close();
                }
            } catch (Exception e) {
                Log.e(Const.TAG_LOG, TAG
                        + " InputStreamRunnable run occurs exception, ", e);
            }
        }
    }


以上即可实现在apk中调用启动bin服务文件。

具体apk实现代码可以参考 FpCloudTest.zip 附件: http://download.csdn.net/detail/jiuxiaoyunwu/9499487

相关selinux权限 即te权限的添加请参考:http://download.csdn.net/detail/jiuxiaoyunwu/9499570


已标记关键词 清除标记
©️2020 CSDN 皮肤主题: 大白 设计师:CSDN官方博客 返回首页