41518bec25
This switches Sensors HAL policy to the design which enables us to conditionally remove unnecessary rules from domains which are clients of Sensors HAL. Domains which are clients of Sensors HAL, such as system_server, are granted rules targeting hal_sensors only when the Sensors HAL runs in passthrough mode (i.e., inside the client's process). When the HAL runs in binderized mode (i.e., in another process/domain, with clients talking to the HAL over HwBinder IPC), rules targeting hal_sensors are not granted to client domains. Domains which offer a binderized implementation of Sensors HAL, such as hal_sensors_default domain, are always granted rules targeting hal_sensors. P. S. This commit also removes allow system_server sensors_device:chr_file rw_file_perms because this is device-specific and thus not needed in device-agnostic policy. The device-specific policy of the affected devices already has this rule. Test: Device boots, no new denials Test: adb shell dumpsys sensorservice lists tons of sensors Test: Proprietary sensors test app indicates that there are sensors and that the app can register to listen for updates for sensors and that such updates arrive to the app. Bug: 34170079 Change-Id: I61bf779070eabcb64ae73724d62b6e837319a668
5 lines
206 B
Text
5 lines
206 B
Text
# HwBinder IPC from client to server
|
|
binder_call(hal_sensors_client, hal_sensors_server)
|
|
|
|
# Allow sensor hals to access ashmem memory allocated by apps
|
|
allow hal_sensors { appdomain -isolated_app }:fd use;
|