96031a8357
Allow hwservicemanager to set properties starting with the prefix "hwservicemanager." b/31458381 b/31240290 Test: passing build and runtime tests Change-Id: Id92e2170f52893bbf236987ee59383df2264952f Signed-off-by: Iliyan Malchev <malchev@google.com>
20 lines
811 B
Text
20 lines
811 B
Text
# hwservicemanager - the Binder context manager for HAL services
|
|
type hwservicemanager, domain, mlstrustedsubject;
|
|
type hwservicemanager_exec, exec_type, file_type;
|
|
|
|
init_daemon_domain(hwservicemanager)
|
|
|
|
# Note that we do not use the binder_* macros here.
|
|
# hwservicemanager only provides name service (aka context manager)
|
|
# for Binder.
|
|
# As such, it only ever receives and transfers other references
|
|
# created by other domains. It never passes its own references
|
|
# or initiates a Binder IPC.
|
|
allow hwservicemanager self:binder set_context_mgr;
|
|
allow hwservicemanager { domain -init }:binder transfer;
|
|
|
|
set_prop(hwservicemanager, hwservicemanager_prop)
|
|
|
|
# TODO once hwservicemanager checks whether HALs are
|
|
# allowed to register a certain service, add policy here
|
|
# for allowing to check SELinux permissions.
|