e06e536388
Resolves denials such as:
avc: denied { read } for pid=752 comm="ActivityManager" name="stat" dev="proc" ino=1878 scontext=u:r:system_server:s0 tcontext=u:r:inputflinger:s0 tclass=file
avc: denied { open } for pid=752 comm="ActivityManager" name="stat" dev="proc" ino=1878 scontext=u:r:system_server:s0 tcontext=u:r:inputflinger:s0 tclass=file
avc: denied { search } for pid=752 comm="ActivityManager" name="214" dev="proc" ino=1568 scontext=u:r:system_server:s0 tcontext=u:r:inputflinger:s0 tclass=dir
avc: denied { read } for pid=752 comm="ActivityManager" name="stat" dev="proc" ino=1878 scontext=u:r:system_server:s0 tcontext=u:r:inputflinger:s0 tclass=file
avc: denied { call } for pid=187 comm="Binder_2" scontext=u:r:inputflinger:s0 tcontext=u:r:system_server:s0 tclass=binder
Change-Id: I099d7dacf7116efa73163245597c3de629d358c1
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
10 lines
257 B
Text
10 lines
257 B
Text
# inputflinger
|
|
type inputflinger, domain;
|
|
permissive_or_unconfined(inputflinger)
|
|
type inputflinger_exec, exec_type, file_type;
|
|
|
|
init_daemon_domain(inputflinger)
|
|
binder_use(inputflinger)
|
|
binder_service(inputflinger)
|
|
|
|
binder_call(inputflinger, system_server)
|