Sensors stable AIDL HAL sepolicy

Bug: 195593357
Test: TreeHugger
Change-Id: I02b88a93d829654a1ce946681b59e648b2cd7550
This commit is contained in:
Arthur Ishiguro 2021-10-15 15:47:13 +00:00
parent c080cea0a6
commit 29dc02c044
5 changed files with 9 additions and 0 deletions

View file

@ -12,6 +12,7 @@
extra_free_kbytes
extra_free_kbytes_exec
hal_contexthub_service
hal_sensors_service
hal_system_suspend_service
hal_tv_tuner_service
hal_uwb_service

View file

@ -16,6 +16,7 @@ android.hardware.security.keymint.IKeyMintDevice/default u:object_r:
android.hardware.security.keymint.IRemotelyProvisionedComponent/default u:object_r:hal_remotelyprovisionedcomponent_service:s0
android.hardware.security.secureclock.ISecureClock/default u:object_r:hal_secureclock_service:s0
android.hardware.security.sharedsecret.ISharedSecret/default u:object_r:hal_sharedsecret_service:s0
android.hardware.sensors.ISensors/default u:object_r:hal_sensors_service:s0
android.hardware.soundtrigger3.ISoundTriggerHw/default u:object_r:hal_audio_service:s0
android.hardware.tv.tuner.ITuner/default u:object_r:hal_tv_tuner_service:s0
android.hardware.uwb.IUwb/default u:object_r:hal_uwb_service:s0

View file

@ -12,3 +12,8 @@ allow hal_sensors hal_allocator:fd use;
# allow to run with real-time scheduling policy
allow hal_sensors self:global_capability_class_set sys_nice;
add_service(hal_sensors_server, hal_sensors_service)
binder_call(hal_sensors_server, servicemanager)
allow hal_sensors_client hal_sensors_service:service_manager find;

View file

@ -270,6 +270,7 @@ type hal_power_service, vendor_service, protected_service, service_manager_type;
type hal_power_stats_service, vendor_service, protected_service, service_manager_type;
type hal_rebootescrow_service, vendor_service, protected_service, service_manager_type;
type hal_remotelyprovisionedcomponent_service, vendor_service, protected_service, service_manager_type;
type hal_sensors_service, vendor_service, protected_service, service_manager_type;
type hal_secureclock_service, vendor_service, protected_service, service_manager_type;
type hal_sharedsecret_service, vendor_service, protected_service, service_manager_type;
type hal_system_suspend_service, protected_service, service_manager_type;

View file

@ -70,6 +70,7 @@
/(vendor|system/vendor)/bin/hw/android\.hardware\.radio@1\.2-sap-service u:object_r:hal_radio_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.rebootescrow-service\.default u:object_r:hal_rebootescrow_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.sensors@[0-9]\.[0-9]-service(\.multihal)? u:object_r:hal_sensors_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.sensors-service\.example u:object_r:hal_sensors_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.secure_element@1\.0-service u:object_r:hal_secure_element_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.security\.keymint-service u:object_r:hal_keymint_default_exec:s0
/(vendor|system/vendor)/bin/hw/rild u:object_r:rild_exec:s0