Merge "Add sepolicy swcodec native flag namespace." am: ad580990c4
am: 2c5521f535
am: d3e3c3a5cc
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1584530 MUST ONLY BE SUBMITTED BY AUTOMERGER Change-Id: Ie8ff009618acd492d442d4305b81ae67c2010499
This commit is contained in:
commit
46709ccb6a
7 changed files with 8 additions and 0 deletions
|
@ -22,6 +22,7 @@
|
|||
debugfs_mm_events_tracing
|
||||
device_config_profcollect_native_boot_prop
|
||||
device_config_connectivity_prop
|
||||
device_config_swcodec_native_prop
|
||||
device_state_service
|
||||
dm_user_device
|
||||
dmabuf_heap_device
|
||||
|
|
|
@ -14,6 +14,7 @@ set_prop(flags_health_check, device_config_profcollect_native_boot_prop)
|
|||
set_prop(flags_health_check, device_config_statsd_native_prop)
|
||||
set_prop(flags_health_check, device_config_statsd_native_boot_prop)
|
||||
set_prop(flags_health_check, device_config_storage_native_boot_prop)
|
||||
set_prop(flags_health_check, device_config_swcodec_native_prop)
|
||||
set_prop(flags_health_check, device_config_sys_traced_prop)
|
||||
set_prop(flags_health_check, device_config_window_manager_native_boot_prop)
|
||||
set_prop(flags_health_check, device_config_configuration_prop)
|
||||
|
|
|
@ -7,3 +7,4 @@ allow mediaextractor mediaserver_tmpfs:file { getattr map read write };
|
|||
allow mediaextractor system_server_tmpfs:file { getattr map read write };
|
||||
|
||||
get_prop(mediaextractor, device_config_media_native_prop)
|
||||
get_prop(mediaextractor, device_config_swcodec_native_prop)
|
||||
|
|
|
@ -3,3 +3,4 @@ typeattribute mediaswcodec coredomain;
|
|||
init_daemon_domain(mediaswcodec)
|
||||
|
||||
get_prop(mediaswcodec, device_config_media_native_prop)
|
||||
get_prop(mediaswcodec, device_config_swcodec_native_prop)
|
||||
|
|
|
@ -9,6 +9,7 @@ system_internal_prop(device_config_sys_traced_prop)
|
|||
system_internal_prop(device_config_window_manager_native_boot_prop)
|
||||
system_internal_prop(device_config_configuration_prop)
|
||||
system_internal_prop(device_config_connectivity_prop)
|
||||
system_internal_prop(device_config_swcodec_native_prop)
|
||||
system_internal_prop(fastbootd_protocol_prop)
|
||||
system_internal_prop(gsid_prop)
|
||||
system_internal_prop(init_perf_lsm_hooks_prop)
|
||||
|
|
|
@ -231,6 +231,7 @@ persist.device_config.runtime_native_boot. u:object_r:device_config_run
|
|||
persist.device_config.statsd_native. u:object_r:device_config_statsd_native_prop:s0
|
||||
persist.device_config.statsd_native_boot. u:object_r:device_config_statsd_native_boot_prop:s0
|
||||
persist.device_config.storage_native_boot. u:object_r:device_config_storage_native_boot_prop:s0
|
||||
persist.device_config.swcodec_native. u:object_r:device_config_swcodec_native_prop:s0
|
||||
persist.device_config.window_manager_native_boot. u:object_r:device_config_window_manager_native_boot_prop:s0
|
||||
|
||||
# Properties that relate to legacy server configurable flags
|
||||
|
|
|
@ -676,6 +676,7 @@ set_prop(system_server, device_config_profcollect_native_boot_prop)
|
|||
set_prop(system_server, device_config_statsd_native_prop)
|
||||
set_prop(system_server, device_config_statsd_native_boot_prop)
|
||||
set_prop(system_server, device_config_storage_native_boot_prop)
|
||||
set_prop(system_server, device_config_swcodec_native_prop)
|
||||
set_prop(system_server, device_config_sys_traced_prop)
|
||||
set_prop(system_server, device_config_window_manager_native_boot_prop)
|
||||
set_prop(system_server, device_config_configuration_prop)
|
||||
|
@ -1148,6 +1149,7 @@ neverallow {
|
|||
device_config_media_native_prop
|
||||
device_config_storage_native_boot_prop
|
||||
device_config_sys_traced_prop
|
||||
device_config_swcodec_native_prop
|
||||
device_config_window_manager_native_boot_prop
|
||||
}:property_service set;
|
||||
|
||||
|
|
Loading…
Reference in a new issue