82f7900341
Like HIDL HALs, if we have a service which is allowed to access hal_<foo>_service, we want that service to have the attribute hal_<foo>_client. Unlike HIDL HALs, some AIDL services are allowed to get ahold of all HALs, so these have to be exempted from this check. Fixes: 168152053 Test: neverallows pass Change-Id: I4bce6d9441c2921c3ea40f2b01fef4030c02a28a
19 lines
662 B
Text
19 lines
662 B
Text
# HwBinder IPC from client to server, and callbacks
|
|
binder_call(hal_fingerprint_client, hal_fingerprint_server)
|
|
binder_call(hal_fingerprint_server, hal_fingerprint_client)
|
|
|
|
hal_attribute_hwservice(hal_fingerprint, hal_fingerprint_hwservice)
|
|
hal_attribute_service(hal_fingerprint, hal_fingerprint_service)
|
|
|
|
binder_call(hal_fingerprint_server, servicemanager)
|
|
|
|
# For memory allocation
|
|
allow hal_fingerprint ion_device:chr_file r_file_perms;
|
|
|
|
allow hal_fingerprint fingerprint_vendor_data_file:file { create_file_perms };
|
|
allow hal_fingerprint fingerprint_vendor_data_file:dir rw_dir_perms;
|
|
|
|
r_dir_file(hal_fingerprint, cgroup)
|
|
r_dir_file(hal_fingerprint, sysfs)
|
|
|
|
|