tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "Allow system_server to read vendor_file"

Browse source 
am: 25b4eb217c

Change-Id: I78ecee68fdc8dadf62b0c3977f01a0571a1bdc1f
This commit is contained in:
Siarhei Vishniakou 2018-10-12 13:14:55 -07:00 committed by android-build-merger
commit c38d803278
4 changed files with 18 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
private/compat/28.0/28.0.ignore.cil
View file

@ -49,5 +49,8 @@
timedetector_service
timezonedetector_service
uri_grants_service
vendor_idc_file
vendor_keychars_file
vendor_keylayout_file
vrflinger_vsync_service
watchdogd_tmpfs))

5
private/file_contexts
View file

@ -349,6 +349,11 @@
/(odm|vendor/odm)/overlay(/.*)? u:object_r:vendor_overlay_file:s0
/(odm|vendor/odm)/framework(/.*)? u:object_r:vendor_framework_file:s0
# Input configuration
/(odm|vendor)/usr/keylayout(/.*)?.kl u:object_r:vendor_keylayout_file:s0
/(odm|vendor)/usr/keychars(/.*)?.kcm u:object_r:vendor_keychars_file:s0
/(odm|vendor)/usr/idc(/.*)?.idc u:object_r:vendor_idc_file:s0
/oem(/.*)? u:object_r:oemfs:s0
# The precompiled monolithic sepolicy will be under /odm only when

5
private/system_server.te
View file

@ -352,6 +352,11 @@ allow system_server apk_data_file:{ file lnk_file } { create_file_perms link };
allow system_server apk_tmp_file:dir create_dir_perms;
allow system_server apk_tmp_file:file create_file_perms;
# Access input configuration files in the /vendor directory
r_dir_file(system_server, vendor_keylayout_file)
r_dir_file(system_server, vendor_keychars_file)
r_dir_file(system_server, vendor_idc_file)
# Access /vendor/{app,framework,overlay}
r_dir_file(system_server, vendor_app_file)
r_dir_file(system_server, vendor_framework_file)

5
public/file.te
View file

@ -171,6 +171,11 @@ type vendor_overlay_file, vendor_file_type, file_type;
# apps. ABI stability of these libs is vendor's responsibility.
type vendor_public_lib_file, vendor_file_type, file_type;
# Input configuration
type vendor_keylayout_file, vendor_file_type, file_type;
type vendor_keychars_file, vendor_file_type, file_type;
type vendor_idc_file, vendor_file_type, file_type;
# /metadata partition itself
type metadata_file, file_type;
# Vold files within /metadata