Merge "Add sepolicy for IBootControl AIDL"
This commit is contained in:
Treehugger Robot
Gerrit Code Review
commit
921af40c4b
6 changed files with 9 additions and 0 deletions
|
|
@ -6,6 +6,7 @@
|
|||
(typeattributeset new_objects
|
||||
( new_objects
|
||||
device_config_vendor_system_native_prop
|
||||
hal_bootctl_service
|
||||
virtual_face_hal_prop
|
||||
virtual_fingerprint_hal_prop
|
||||
))
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@ android.hardware.audio.core.IConfig/default u:object_r:
|
|||
android.hardware.audio.core.IModule/default u:object_r:hal_audio_service:s0
|
||||
android.hardware.authsecret.IAuthSecret/default u:object_r:hal_authsecret_service:s0
|
||||
android.hardware.automotive.evs.IEvsEnumerator/hw/0 u:object_r:hal_evs_service:s0
|
||||
android.hardware.boot.IBootControl/default u:object_r:hal_bootctl_service:s0
|
||||
android.hardware.automotive.evs.IEvsEnumerator/hw/1 u:object_r:hal_evs_service:s0
|
||||
android.hardware.automotive.vehicle.IVehicle/default u:object_r:hal_vehicle_service:s0
|
||||
android.hardware.automotive.audiocontrol.IAudioControl/default u:object_r:hal_audiocontrol_service:s0
|
||||
|
|
|
|||
|
|
@ -30,3 +30,7 @@ get_prop(update_engine, snapuserd_prop)
|
|||
# capex decompression
|
||||
allow update_engine apex_service:service_manager find;
|
||||
binder_call(update_engine, apexd)
|
||||
|
||||
# let this domain use the hal service
|
||||
binder_use(update_engine)
|
||||
hal_client_domain(update_engine, hal_bootctl)
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
# HwBinder IPC from client to server, and callbacks
|
||||
binder_call(hal_bootctl_client, hal_bootctl_server)
|
||||
binder_call(hal_bootctl_server, hal_bootctl_client)
|
||||
binder_use(hal_bootctl_server)
|
||||
|
||||
hal_attribute_hwservice(hal_bootctl, hal_bootctl_hwservice)
|
||||
allow hal_bootctl_server proc_bootconfig:file r_file_perms;
|
||||
|
|
|
|||
|
|
@ -269,6 +269,7 @@ type emergency_affordance_service, system_server_service, service_manager_type;
|
|||
type hal_audio_service, vendor_service, protected_service, hal_service_type, service_manager_type;
|
||||
type hal_audiocontrol_service, vendor_service, hal_service_type, service_manager_type;
|
||||
type hal_authsecret_service, vendor_service, protected_service, hal_service_type, service_manager_type;
|
||||
type hal_bootctl_service, vendor_service, protected_service, hal_service_type, service_manager_type;
|
||||
type hal_camera_service, vendor_service, protected_service, hal_service_type, service_manager_type;
|
||||
type hal_contexthub_service, vendor_service, protected_service, hal_service_type, service_manager_type;
|
||||
type hal_dice_service, vendor_service, protected_service, hal_service_type, service_manager_type;
|
||||
|
|
|
|||
1
vendor/file_contexts
vendored
1
vendor/file_contexts
vendored
|
|
@ -20,6 +20,7 @@
|
|||
/(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.2-service\.example u:object_r:hal_fingerprint_default_exec:s0
|
||||
/(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.fingerprint-service\.example u:object_r:hal_fingerprint_default_exec:s0
|
||||
/(vendor|system/vendor)/bin/hw/android\.hardware\.boot@1\.[0-9]+-service u:object_r:hal_bootctl_default_exec:s0
|
||||
/(vendor|system/vendor)/bin/hw/android\.hardware\.boot-service.default u:object_r:hal_bootctl_default_exec:s0
|
||||
/(vendor|system/vendor)/bin/hw/android\.hardware\.broadcastradio@\d+\.\d+-service u:object_r:hal_broadcastradio_default_exec:s0
|
||||
/(vendor|system/vendor)/bin/hw/android\.hardware\.camera\.provider@2\.[0-9]+-service_64 u:object_r:hal_camera_default_exec:s0
|
||||
/(vendor|system/vendor)/bin/hw/android\.hardware\.camera\.provider@2\.[0-9]+-service u:object_r:hal_camera_default_exec:s0
|
||||
|
|
|
|||
Loading…
Reference in a new issue