336d0fed4e
I took current AOSP policy as base, then removed sepolicy so that the set of type and attributes was a subset of types and attributes in Q sepolicy, with exception of those that have not yet been cleand up in current AOSP: mediaswcodec_server netd_socket mediaextractor_update_service thermalserviced thermalserviced_exec Bug: 133196056 Test: n/a Change-Id: I863429d61d3fad0272c1d3f1e429cd997513a74a Merged-In: I3e091652fa8d1757b1f71f7559186d5b32f000d5
25 lines
925 B
Text
25 lines
925 B
Text
# servicemanager - the Binder context manager
|
|
type servicemanager, domain, mlstrustedsubject;
|
|
type servicemanager_exec, system_file_type, exec_type, file_type;
|
|
|
|
# Note that we do not use the binder_* macros here.
|
|
# servicemanager is unique in that it only provides
|
|
# name service (aka context manager) for Binder.
|
|
# As such, it only ever receives and transfers other references
|
|
# created by other domains. It never passes its own references
|
|
# or initiates a Binder IPC.
|
|
allow servicemanager self:binder set_context_mgr;
|
|
allow servicemanager {
|
|
domain
|
|
-init
|
|
-vendor_init
|
|
-hwservicemanager
|
|
-vndservicemanager
|
|
}:binder transfer;
|
|
|
|
allow servicemanager service_contexts_file:file r_file_perms;
|
|
# nonplat_service_contexts only accessible on non full-treble devices
|
|
not_full_treble(`allow servicemanager nonplat_service_contexts_file:file r_file_perms;')
|
|
|
|
# Check SELinux permissions.
|
|
selinux_check_access(servicemanager)
|