Switch Allocator HAL policy to _client/_server am: 08d6f56649
am: 453f6400f8
Change-Id: I99bb53c1376dca0072609e68d3b9c3bd2fa963f5
This commit is contained in:
Alex Klyubin
android-build-merger
commit
8988daa510
7 changed files with 11 additions and 9 deletions
|
|
@ -247,7 +247,7 @@
|
|||
/system/bin/webview_zygote32 u:object_r:webview_zygote_exec:s0
|
||||
/system/bin/webview_zygote64 u:object_r:webview_zygote_exec:s0
|
||||
/system/bin/virtual_touchpad u:object_r:virtual_touchpad_exec:s0
|
||||
/system/bin/hw/android\.hidl\.allocator@1\.0-service u:object_r:hal_allocator_exec:s0
|
||||
/system/bin/hw/android\.hidl\.allocator@1\.0-service u:object_r:hal_allocator_default_exec:s0
|
||||
|
||||
#############################
|
||||
# Vendor files
|
||||
|
|
|
|||
|
|
@ -1 +0,0 @@
|
|||
init_daemon_domain(hal_allocator)
|
||||
5
private/hal_allocator_default.te
Normal file
5
private/hal_allocator_default.te
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
type hal_allocator_default, domain;
|
||||
hal_server_domain(hal_allocator_default, hal_allocator)
|
||||
|
||||
type hal_allocator_default_exec, exec_type, file_type;
|
||||
init_daemon_domain(hal_allocator_default)
|
||||
|
|
@ -121,6 +121,9 @@ attribute halserverdomain;
|
|||
attribute halclientdomain;
|
||||
|
||||
# HALs
|
||||
attribute hal_allocator;
|
||||
attribute hal_allocator_client;
|
||||
attribute hal_allocator_server;
|
||||
attribute hal_audio;
|
||||
attribute hal_audio_client;
|
||||
attribute hal_audio_server;
|
||||
|
|
|
|||
|
|
@ -1,5 +0,0 @@
|
|||
# allocator subsystem
|
||||
type hal_allocator, domain;
|
||||
hal_impl_domain(hal_allocator)
|
||||
|
||||
type hal_allocator_exec, exec_type, file_type;
|
||||
|
|
@ -16,7 +16,7 @@ allow { hal_camera_client hal_camera_server } hal_graphics_allocator:fd use;
|
|||
# Allow hal_camera to use fd from app,gralloc,and ashmem HAL
|
||||
allow hal_camera { appdomain -isolated_app }:fd use;
|
||||
allow hal_camera surfaceflinger:fd use;
|
||||
allow hal_camera hal_allocator:fd use;
|
||||
allow hal_camera hal_allocator_server:fd use;
|
||||
|
||||
###
|
||||
### neverallow rules
|
||||
|
|
|
|||
|
|
@ -338,7 +338,7 @@ typeattribute $1 binderservicedomain;
|
|||
# Allow a domain to use Hidl shared memory
|
||||
define(`hwallocator_use', `
|
||||
# Call into the allocator hal
|
||||
binder_call($1, hal_allocator);
|
||||
binder_call($1, hal_allocator_server);
|
||||
')
|
||||
|
||||
#####################################
|
||||
|
|
|
|||
Loading…
Reference in a new issue