Merge "Add sepolicy for IFingerprint"
This commit is contained in:
commit
fd735237e4
6 changed files with 10 additions and 3 deletions
|
@ -11,6 +11,7 @@
|
||||||
debugfs_kprobes
|
debugfs_kprobes
|
||||||
gki_apex_prepostinstall
|
gki_apex_prepostinstall
|
||||||
gki_apex_prepostinstall_exec
|
gki_apex_prepostinstall_exec
|
||||||
|
hal_fingerprint_service
|
||||||
gnss_device
|
gnss_device
|
||||||
hal_dumpstate_config_prop
|
hal_dumpstate_config_prop
|
||||||
keystore2_key_contexts_file
|
keystore2_key_contexts_file
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
|
android.hardware.biometrics.fingerprint.IFingerprint/default u:object_r:hal_fingerprint_service:s0
|
||||||
android.hardware.identity.IIdentityCredentialStore/default u:object_r:hal_identity_service:s0
|
android.hardware.identity.IIdentityCredentialStore/default u:object_r:hal_identity_service:s0
|
||||||
android.hardware.light.ILights/default u:object_r:hal_light_service:s0
|
android.hardware.light.ILights/default u:object_r:hal_light_service:s0
|
||||||
android.hardware.power.IPower/default u:object_r:hal_power_service:s0
|
android.hardware.power.IPower/default u:object_r:hal_power_service:s0
|
||||||
|
|
|
@ -777,7 +777,6 @@ allow system_server fingerprintd_service:service_manager find;
|
||||||
allow system_server gatekeeper_service:service_manager find;
|
allow system_server gatekeeper_service:service_manager find;
|
||||||
allow system_server gpu_service:service_manager find;
|
allow system_server gpu_service:service_manager find;
|
||||||
allow system_server gsi_service:service_manager find;
|
allow system_server gsi_service:service_manager find;
|
||||||
allow system_server hal_fingerprint_service:service_manager find;
|
|
||||||
allow system_server idmap_service:service_manager find;
|
allow system_server idmap_service:service_manager find;
|
||||||
allow system_server incident_service:service_manager find;
|
allow system_server incident_service:service_manager find;
|
||||||
allow system_server incremental_service:service_manager find;
|
allow system_server incremental_service:service_manager find;
|
||||||
|
|
|
@ -4,6 +4,11 @@ binder_call(hal_fingerprint_server, hal_fingerprint_client)
|
||||||
|
|
||||||
hal_attribute_hwservice(hal_fingerprint, hal_fingerprint_hwservice)
|
hal_attribute_hwservice(hal_fingerprint, hal_fingerprint_hwservice)
|
||||||
|
|
||||||
|
add_service(hal_fingerprint_server, hal_fingerprint_service)
|
||||||
|
binder_call(hal_fingerprint_server, servicemanager)
|
||||||
|
|
||||||
|
allow hal_fingerprint_client hal_fingerprint_service:service_manager find;
|
||||||
|
|
||||||
# For memory allocation
|
# For memory allocation
|
||||||
allow hal_fingerprint ion_device:chr_file r_file_perms;
|
allow hal_fingerprint ion_device:chr_file r_file_perms;
|
||||||
|
|
||||||
|
|
|
@ -9,7 +9,6 @@ type dnsresolver_service, service_manager_type;
|
||||||
type drmserver_service, service_manager_type;
|
type drmserver_service, service_manager_type;
|
||||||
type dumpstate_service, service_manager_type;
|
type dumpstate_service, service_manager_type;
|
||||||
type fingerprintd_service, service_manager_type;
|
type fingerprintd_service, service_manager_type;
|
||||||
type hal_fingerprint_service, service_manager_type;
|
|
||||||
type gatekeeper_service, app_api_service, service_manager_type;
|
type gatekeeper_service, app_api_service, service_manager_type;
|
||||||
type gpu_service, app_api_service, ephemeral_app_api_service, service_manager_type;
|
type gpu_service, app_api_service, ephemeral_app_api_service, service_manager_type;
|
||||||
type idmap_service, service_manager_type;
|
type idmap_service, service_manager_type;
|
||||||
|
@ -212,6 +211,7 @@ type emergency_affordance_service, system_server_service, service_manager_type;
|
||||||
### HAL Services
|
### HAL Services
|
||||||
###
|
###
|
||||||
|
|
||||||
|
type hal_fingerprint_service, vendor_service, service_manager_type;
|
||||||
type hal_identity_service, vendor_service, service_manager_type;
|
type hal_identity_service, vendor_service, service_manager_type;
|
||||||
type hal_light_service, vendor_service, service_manager_type;
|
type hal_light_service, vendor_service, service_manager_type;
|
||||||
type hal_power_service, vendor_service, service_manager_type;
|
type hal_power_service, vendor_service, service_manager_type;
|
||||||
|
|
3
vendor/file_contexts
vendored
3
vendor/file_contexts
vendored
|
@ -10,8 +10,9 @@
|
||||||
/(vendor|system/vendor)/bin/hw/android\.hardware\.automotive\.vehicle@2\.0-(service|protocan-service) u:object_r:hal_vehicle_default_exec:s0
|
/(vendor|system/vendor)/bin/hw/android\.hardware\.automotive\.vehicle@2\.0-(service|protocan-service) u:object_r:hal_vehicle_default_exec:s0
|
||||||
/(vendor|system/vendor)/bin/hw/android\.hardware\.bluetooth@1\.[0-9]+-service u:object_r:hal_bluetooth_default_exec:s0
|
/(vendor|system/vendor)/bin/hw/android\.hardware\.bluetooth@1\.[0-9]+-service u:object_r:hal_bluetooth_default_exec:s0
|
||||||
/(vendor|system/vendor)/bin/hw/android\.hardware\.bluetooth@1\.[0-9]+-service\.btlinux u:object_r:hal_bluetooth_btlinux_exec:s0
|
/(vendor|system/vendor)/bin/hw/android\.hardware\.bluetooth@1\.[0-9]+-service\.btlinux u:object_r:hal_bluetooth_btlinux_exec:s0
|
||||||
/(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.1-service u:object_r:hal_fingerprint_default_exec:s0
|
|
||||||
/(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.face@1\.[0-9]+-service\.example u:object_r:hal_face_default_exec:s0
|
/(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.face@1\.[0-9]+-service\.example u:object_r:hal_face_default_exec:s0
|
||||||
|
/(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.1-service u:object_r:hal_fingerprint_default_exec:s0
|
||||||
|
/(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.fingerprint-service u:object_r:hal_fingerprint_default_exec:s0
|
||||||
/(vendor|system/vendor)/bin/hw/android\.hardware\.boot@1\.[0-9]+-service u:object_r:hal_bootctl_default_exec:s0
|
/(vendor|system/vendor)/bin/hw/android\.hardware\.boot@1\.[0-9]+-service u:object_r:hal_bootctl_default_exec:s0
|
||||||
/(vendor|system/vendor)/bin/hw/android\.hardware\.broadcastradio@\d+\.\d+-service u:object_r:hal_broadcastradio_default_exec:s0
|
/(vendor|system/vendor)/bin/hw/android\.hardware\.broadcastradio@\d+\.\d+-service u:object_r:hal_broadcastradio_default_exec:s0
|
||||||
/(vendor|system/vendor)/bin/hw/android\.hardware\.camera\.provider@2\.[0-9]+-service_64 u:object_r:hal_camera_default_exec:s0
|
/(vendor|system/vendor)/bin/hw/android\.hardware\.camera\.provider@2\.[0-9]+-service_64 u:object_r:hal_camera_default_exec:s0
|
||||||
|
|
Loading…
Reference in a new issue