2017-03-22 00:01:52 +01:00
|
|
|
# vndservicemanager - the Binder context manager for vendor processes
|
2017-04-10 22:03:28 +02:00
|
|
|
type vndservicemanager_exec, exec_type, vendor_file_type, file_type;
|
2017-03-22 00:01:52 +01:00
|
|
|
|
|
|
|
init_daemon_domain(vndservicemanager);
|
|
|
|
|
|
|
|
allow vndservicemanager self:binder set_context_mgr;
|
|
|
|
|
|
|
|
# transfer binder objects to other processes (TODO b/35870313 limit this to vendor-only)
|
2018-02-09 20:31:56 +01:00
|
|
|
allow vndservicemanager { domain -coredomain -init -vendor_init }:binder transfer;
|
2017-03-22 00:01:52 +01:00
|
|
|
|
|
|
|
allow vndservicemanager vndbinder_device:chr_file rw_file_perms;
|
|
|
|
|
2017-04-01 02:29:53 +02:00
|
|
|
# Read vndservice_contexts
|
|
|
|
allow vndservicemanager vndservice_contexts_file:file r_file_perms;
|
|
|
|
|
2019-08-20 01:05:13 +02:00
|
|
|
# Start lazy services
|
|
|
|
set_prop(vndservicemanager, ctl_interface_start_prop)
|
|
|
|
|
2017-03-22 00:01:52 +01:00
|
|
|
# Check SELinux permissions.
|
|
|
|
selinux_check_access(vndservicemanager)
|