cd82557d40
All domains are currently granted list and find service_manager permissions, but this is not necessary. Pare the permissions which did not trigger any of the auditallow reporting. Bug: 18106000 Change-Id: Ie0ce8de2af8af2cbe4ce388a2dcf4534694c994a
19 lines
485 B
Text
19 lines
485 B
Text
# bootanimation oneshot service
|
|
type bootanim, domain;
|
|
type bootanim_exec, exec_type, file_type;
|
|
|
|
init_daemon_domain(bootanim)
|
|
|
|
binder_use(bootanim)
|
|
binder_call(bootanim, surfaceflinger)
|
|
|
|
allow bootanim gpu_device:chr_file rw_file_perms;
|
|
|
|
# /oem access
|
|
allow bootanim oemfs:dir search;
|
|
allow bootanim oemfs:file r_file_perms;
|
|
|
|
allow bootanim audio_device:dir r_dir_perms;
|
|
allow bootanim audio_device:chr_file rw_file_perms;
|
|
|
|
allow bootanim surfaceflinger_service:service_manager find;
|