0393dafd5d
type=1400 audit(1501520483.066:14): avc: denied { write } for pid=3330
comm=4173796E635461736B202331 name="property_service" dev="tmpfs"
ino=10749 scontext=u:r:nfc:s0 tcontext=u:object_r:property_socket:s0
tclass=sock_file permissive=0
Test: No sepolicy denials
Bug: 64010793
Change-Id: I8d73e8e19cd4d0a8c61f1f184820c53e5cc2b6d6
(cherry picked from commit df9649503a
)
34 lines
1.1 KiB
Text
34 lines
1.1 KiB
Text
# nfc subsystem
|
|
typeattribute nfc coredomain;
|
|
app_domain(nfc)
|
|
net_domain(nfc)
|
|
|
|
binder_service(nfc)
|
|
add_service(nfc, nfc_service)
|
|
|
|
hal_client_domain(nfc, hal_nfc)
|
|
|
|
# Data file accesses.
|
|
allow nfc nfc_data_file:dir create_dir_perms;
|
|
allow nfc nfc_data_file:notdevfile_class_set create_file_perms;
|
|
|
|
# SoundPool loading and playback
|
|
allow nfc audioserver_service:service_manager find;
|
|
allow nfc drmserver_service:service_manager find;
|
|
allow nfc mediacodec_service:service_manager find;
|
|
allow nfc mediametrics_service:service_manager find;
|
|
allow nfc mediaextractor_service:service_manager find;
|
|
allow nfc mediaserver_service:service_manager find;
|
|
|
|
allow nfc radio_service:service_manager find;
|
|
allow nfc surfaceflinger_service:service_manager find;
|
|
allow nfc app_api_service:service_manager find;
|
|
allow nfc system_api_service:service_manager find;
|
|
allow nfc vr_manager_service:service_manager find;
|
|
|
|
set_prop(nfc, nfc_prop);
|
|
|
|
# already open bugreport file descriptors may be shared with
|
|
# the nfc process, from a file in
|
|
# /data/data/com.android.shell/files/bugreports/bugreport-*.
|
|
allow nfc shell_data_file:file read;
|