sepolicy: allow surfaceflinger to set surfaceflinger_display_prop am: 58fc40a8ba
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/11894998 Change-Id: Ib1c9387114f44db36c4fa1c051d093bd88c0a19a
This commit is contained in:
Midas Chien
Automerger Merge Worker
commit
acd7e4727d
10 changed files with 10 additions and 20 deletions
|
|
@ -264,5 +264,5 @@ init.userspace_reboot.started.timeoutmillis u:object_r:userspace_reboot_config_p
|
|||
init.userspace_reboot.userdata_remount.timeoutmillis u:object_r:userspace_reboot_config_prop:s0 exact int
|
||||
init.userspace_reboot.watchdog.timeoutmillis u:object_r:userspace_reboot_config_prop:s0 exact int
|
||||
|
||||
# vendor-init-settable
|
||||
# surfaceflinger-settable
|
||||
graphics.display.kernel_idle_timer.enabled u:object_r:surfaceflinger_display_prop:s0 exact bool
|
||||
|
|
|
|||
|
|
@ -57,9 +57,7 @@ set_prop(surfaceflinger, exported_system_prop)
|
|||
set_prop(surfaceflinger, exported2_system_prop)
|
||||
set_prop(surfaceflinger, exported3_system_prop)
|
||||
set_prop(surfaceflinger, ctl_bootanim_prop)
|
||||
|
||||
# Get properties
|
||||
get_prop(surfaceflinger, surfaceflinger_display_prop)
|
||||
set_prop(surfaceflinger, surfaceflinger_display_prop)
|
||||
|
||||
# Use open files supplied by an app.
|
||||
allow surfaceflinger appdomain:fd use;
|
||||
|
|
|
|||
|
|
@ -57,8 +57,6 @@ auditallow system_app system_radio_prop:property_service set;
|
|||
auditallow system_app exported_system_radio_prop:property_service set;
|
||||
# Allow Settings to enable Dynamic System Update
|
||||
set_prop(system_app, dynamic_system_prop)
|
||||
# Allow Settings to config display kernel idle timer
|
||||
set_prop(system_app, surfaceflinger_display_prop)
|
||||
|
||||
# ctl interface
|
||||
set_prop(system_app, ctl_default_prop)
|
||||
|
|
|
|||
|
|
@ -77,6 +77,7 @@ system_restricted_prop(module_sdkextensions_prop)
|
|||
system_restricted_prop(nnapi_ext_deny_product_prop)
|
||||
system_restricted_prop(restorecon_prop)
|
||||
system_restricted_prop(socket_hook_prop)
|
||||
system_restricted_prop(surfaceflinger_display_prop)
|
||||
system_restricted_prop(system_boot_reason_prop)
|
||||
system_restricted_prop(system_jvmti_agent_prop)
|
||||
system_restricted_prop(userspace_reboot_exported_prop)
|
||||
|
|
@ -168,7 +169,6 @@ system_public_prop(ota_prop)
|
|||
system_public_prop(powerctl_prop)
|
||||
system_public_prop(radio_prop)
|
||||
system_public_prop(serialno_prop)
|
||||
system_public_prop(surfaceflinger_display_prop)
|
||||
system_public_prop(system_prop)
|
||||
system_public_prop(wifi_log_prop)
|
||||
system_public_prop(wifi_prop)
|
||||
|
|
@ -614,8 +614,7 @@ neverallow {
|
|||
|
||||
neverallow {
|
||||
-init
|
||||
-vendor_init
|
||||
-system_app
|
||||
-surfaceflinger
|
||||
} {
|
||||
surfaceflinger_display_prop
|
||||
}:property_service set;
|
||||
|
|
|
|||
|
|
@ -236,7 +236,6 @@ set_prop(vendor_init, log_prop)
|
|||
set_prop(vendor_init, rebootescrow_hal_prop)
|
||||
set_prop(vendor_init, serialno_prop)
|
||||
set_prop(vendor_init, storage_config_prop)
|
||||
set_prop(vendor_init, surfaceflinger_display_prop)
|
||||
set_prop(vendor_init, userspace_reboot_config_prop)
|
||||
set_prop(vendor_init, vehicle_hal_prop)
|
||||
set_prop(vendor_init, vendor_default_prop)
|
||||
|
|
@ -247,6 +246,7 @@ set_prop(vendor_init, wifi_log_prop)
|
|||
|
||||
get_prop(vendor_init, exported2_radio_prop)
|
||||
get_prop(vendor_init, exported3_system_prop)
|
||||
get_prop(vendor_init, surfaceflinger_display_prop)
|
||||
get_prop(vendor_init, theme_prop)
|
||||
|
||||
get_prop(vendor_init, ota_prop)
|
||||
|
|
|
|||
|
|
@ -264,5 +264,5 @@ init.userspace_reboot.started.timeoutmillis u:object_r:userspace_reboot_config_p
|
|||
init.userspace_reboot.userdata_remount.timeoutmillis u:object_r:userspace_reboot_config_prop:s0 exact int
|
||||
init.userspace_reboot.watchdog.timeoutmillis u:object_r:userspace_reboot_config_prop:s0 exact int
|
||||
|
||||
# vendor-init-settable
|
||||
# surfaceflinger-settable
|
||||
graphics.display.kernel_idle_timer.enabled u:object_r:surfaceflinger_display_prop:s0 exact bool
|
||||
|
|
|
|||
|
|
@ -57,9 +57,7 @@ set_prop(surfaceflinger, exported_system_prop)
|
|||
set_prop(surfaceflinger, exported2_system_prop)
|
||||
set_prop(surfaceflinger, exported3_system_prop)
|
||||
set_prop(surfaceflinger, ctl_bootanim_prop)
|
||||
|
||||
# Get properties
|
||||
get_prop(surfaceflinger, surfaceflinger_display_prop)
|
||||
set_prop(surfaceflinger, surfaceflinger_display_prop)
|
||||
|
||||
# Use open files supplied by an app.
|
||||
allow surfaceflinger appdomain:fd use;
|
||||
|
|
|
|||
|
|
@ -57,8 +57,6 @@ auditallow system_app system_radio_prop:property_service set;
|
|||
auditallow system_app exported_system_radio_prop:property_service set;
|
||||
# Allow Settings to enable Dynamic System Update
|
||||
set_prop(system_app, dynamic_system_prop)
|
||||
# Allow Settings to config display kernel idle timer
|
||||
set_prop(system_app, surfaceflinger_display_prop)
|
||||
|
||||
# ctl interface
|
||||
set_prop(system_app, ctl_default_prop)
|
||||
|
|
|
|||
|
|
@ -77,6 +77,7 @@ system_restricted_prop(module_sdkextensions_prop)
|
|||
system_restricted_prop(nnapi_ext_deny_product_prop)
|
||||
system_restricted_prop(restorecon_prop)
|
||||
system_restricted_prop(socket_hook_prop)
|
||||
system_restricted_prop(surfaceflinger_display_prop)
|
||||
system_restricted_prop(system_boot_reason_prop)
|
||||
system_restricted_prop(system_jvmti_agent_prop)
|
||||
system_restricted_prop(userspace_reboot_exported_prop)
|
||||
|
|
@ -168,7 +169,6 @@ system_public_prop(ota_prop)
|
|||
system_public_prop(powerctl_prop)
|
||||
system_public_prop(radio_prop)
|
||||
system_public_prop(serialno_prop)
|
||||
system_public_prop(surfaceflinger_display_prop)
|
||||
system_public_prop(system_prop)
|
||||
system_public_prop(wifi_log_prop)
|
||||
system_public_prop(wifi_prop)
|
||||
|
|
@ -614,8 +614,7 @@ neverallow {
|
|||
|
||||
neverallow {
|
||||
-init
|
||||
-vendor_init
|
||||
-system_app
|
||||
-surfaceflinger
|
||||
} {
|
||||
surfaceflinger_display_prop
|
||||
}:property_service set;
|
||||
|
|
|
|||
|
|
@ -236,7 +236,6 @@ set_prop(vendor_init, log_prop)
|
|||
set_prop(vendor_init, rebootescrow_hal_prop)
|
||||
set_prop(vendor_init, serialno_prop)
|
||||
set_prop(vendor_init, storage_config_prop)
|
||||
set_prop(vendor_init, surfaceflinger_display_prop)
|
||||
set_prop(vendor_init, userspace_reboot_config_prop)
|
||||
set_prop(vendor_init, vehicle_hal_prop)
|
||||
set_prop(vendor_init, vendor_default_prop)
|
||||
|
|
@ -247,6 +246,7 @@ set_prop(vendor_init, wifi_log_prop)
|
|||
|
||||
get_prop(vendor_init, exported2_radio_prop)
|
||||
get_prop(vendor_init, exported3_system_prop)
|
||||
get_prop(vendor_init, surfaceflinger_display_prop)
|
||||
get_prop(vendor_init, theme_prop)
|
||||
|
||||
get_prop(vendor_init, ota_prop)
|
||||
|
|
|
|||
Loading…
Reference in a new issue