platform_system_sepolicy/vendor/hal_evs_default.te
Changyeon Jo eacb1095a8 Revert^2 "Updates sepolicy for EVS HAL"
418f41ad13

Bug: 216727303
Test: m -j selinux_policy on failed targets reported
      in b/218802298
Change-Id: Iec8fd2a1e9073bf3dc679e308407572a8fcf44d9
2022-02-10 17:21:54 +00:00

24 lines
938 B
Text

# evs_mock mock hardware driver service
type hal_evs_default, domain;
hal_server_domain(hal_evs_default, hal_evs)
# allow init to launch processes in this context
type hal_evs_default_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(hal_evs_default)
# allow to use a graphic buffer
hal_client_domain(hal_evs_default, hal_configstore)
hal_client_domain(hal_evs_default, hal_graphics_allocator)
hal_client_domain(hal_evs_default, hal_graphics_composer)
# allow to use automotive display service
binder_call(hal_evs_default, automotive_display_service_server)
allow hal_evs_default fwk_automotive_display_hwservice:hwservice_manager find;
# allow to access EGL
allow hal_evs_default gpu_device:chr_file rw_file_perms;
allow hal_evs_default gpu_device:dir search;
# allow to monitor uevents and access video devices
allow hal_evs_default device:dir r_dir_perms;
allow hal_evs_default video_device:chr_file rw_file_perms;