tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

sepolicy: Serve suspend AIDL hal from system_suspend

Browse source 
Allow system_suspend to server the suspend AIDL hal service.

Bug: 170260236
Test: Check logcat for supend avc denials
Change-Id: Ie4c07e2e8d75fd4b12e55db15511060e09be59cf
This commit is contained in:
Kalesh Singh 2021-07-20 15:13:38 +00:00
parent 6b4f91cbf0
commit 0e903620a5
4 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
private/compat/31.0/31.0.ignore.cil
View file

@ -7,6 +7,7 @@
( new_objects
artd_service
camera2_extensions_prop
hal_system_suspend_service
power_stats_service
transformer_service
proc_watermark_boost_factor

1
private/service_contexts
View file

@ -21,6 +21,7 @@ android.hardware.vibrator.IVibratorManager/default u:object_r:
android.hardware.weaver.IWeaver/default u:object_r:hal_weaver_service:s0
android.frameworks.stats.IStats/default u:object_r:fwk_stats_service:s0
android.system.keystore2.IKeystoreService/default u:object_r:keystore_service:s0
android.system.suspend.ISystemSuspend/default u:object_r:hal_system_suspend_service:s0
accessibility u:object_r:accessibility_service:s0
account u:object_r:account_service:s0

2
private/system_suspend.te
View file

@ -7,6 +7,8 @@ init_daemon_domain(system_suspend)
binder_use(system_suspend)
add_service(system_suspend, system_suspend_control_service)
add_service(system_suspend, hal_system_suspend_service)
# Access to /sys/power/{ wakeup_count, state } suspend interface.
allow system_suspend sysfs_power:file rw_file_perms;

1
public/service.te
View file

@ -266,6 +266,7 @@ type hal_rebootescrow_service, vendor_service, protected_service, service_manage
type hal_remotelyprovisionedcomponent_service, vendor_service, protected_service, service_manager_type;
type hal_secureclock_service, vendor_service, protected_service, service_manager_type;
type hal_sharedsecret_service, vendor_service, protected_service, service_manager_type;
type hal_system_suspend_service, protected_service, service_manager_type;
type hal_vibrator_service, vendor_service, protected_service, service_manager_type;
type hal_weaver_service, vendor_service, protected_service, service_manager_type;