75806ef3c5
Ideally, public should only contain APIs (types / attributes) for
vendor. The other statements like allow/neverallow/typeattributes are
regarded as implementation detail for platform and should be in private.
Bug: 232023812
Test: m selinux_policy
Test: diff <(git diff --staged | grep "^-" | cut -b2- | sort) \
<(git diff --staged | grep "^+" | cut -b2- | sort)
Test: remove comments on plat_sepolicy.cil, replace base_typeattr_*
to base_typeattr and then compare old and new plat_sepolicy.cil
Change-Id: I5e7d2da4465ab0216de6bacdf03077d37f6ffe12
20 lines
684 B
Text
20 lines
684 B
Text
# HwBinder IPC from client to server, and callbacks
|
|
binder_call(hal_fingerprint_client, hal_fingerprint_server)
|
|
binder_call(hal_fingerprint_server, hal_fingerprint_client)
|
|
|
|
hal_attribute_hwservice(hal_fingerprint, hal_fingerprint_hwservice)
|
|
hal_attribute_service(hal_fingerprint, hal_fingerprint_service)
|
|
|
|
binder_use(hal_fingerprint_server)
|
|
|
|
# For memory allocation
|
|
allow hal_fingerprint ion_device:chr_file r_file_perms;
|
|
|
|
allow hal_fingerprint fingerprint_vendor_data_file:file { create_file_perms };
|
|
allow hal_fingerprint fingerprint_vendor_data_file:dir rw_dir_perms;
|
|
|
|
r_dir_file(hal_fingerprint, cgroup)
|
|
r_dir_file(hal_fingerprint, cgroup_v2)
|
|
r_dir_file(hal_fingerprint, sysfs)
|
|
|
|
|