Merge "Cleanup authfs_service / servicemanager communication permissions"
This commit is contained in:
Alice Wang
Gerrit Code Review
commit
3a7809a818
4 changed files with 0 additions and 11 deletions
|
|
@ -9,10 +9,6 @@ type authfs_service_exec, exec_type, file_type, system_file_type;
|
|||
# Allow domain transition from init.
|
||||
init_daemon_domain(authfs_service)
|
||||
|
||||
# Allow running as a binder service.
|
||||
binder_call(authfs_service, servicemanager)
|
||||
add_service(authfs_service, authfs_binder_service)
|
||||
|
||||
# Allow domain transition into authfs.
|
||||
domain_auto_trans(authfs_service, authfs_exec, authfs)
|
||||
|
||||
|
|
|
|||
|
|
@ -44,11 +44,6 @@ r_dir_file(microdroid_payload, extra_apk_file)
|
|||
# Payload can read /proc/meminfo.
|
||||
allow microdroid_payload proc_meminfo:file r_file_perms;
|
||||
|
||||
# Allow use of authfs.
|
||||
binder_use(microdroid_payload);
|
||||
allow microdroid_payload authfs_binder_service:service_manager find;
|
||||
binder_call(microdroid_payload, authfs_service);
|
||||
|
||||
# Allow payload to communicate with authfs_service
|
||||
unix_socket_connect(microdroid_payload, authfs_service, authfs_service)
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,4 @@
|
|||
adb u:object_r:adb_service:s0
|
||||
apexservice u:object_r:apex_service:s0
|
||||
authfs_service u:object_r:authfs_binder_service:s0
|
||||
manager u:object_r:service_manager_service:s0
|
||||
* u:object_r:default_android_service:s0
|
||||
|
|
|
|||
|
|
@ -1,7 +1,6 @@
|
|||
# Miscellaneous types
|
||||
type adb_service, service_manager_type;
|
||||
type apex_service, service_manager_type;
|
||||
type authfs_binder_service, service_manager_type;
|
||||
type default_android_service, service_manager_type;
|
||||
type service_manager_service, service_manager_type;
|
||||
type system_linker;
|
||||
|
|
|
|||
Loading…
Reference in a new issue