mirror of
https://github.com/Evolution-X-Devices/device_google_wahoo
synced 2026-02-01 07:50:47 +00:00
051bcb3713
Move vendor policy to vendor and add a place for system extensions. Also add such an extension: a labeling of the qti.ims.ext service. Bug: 38151691 Bug: 62041272 Test: Policy binary identical before and after, except plat_service_contexts has new service added. Change-Id: Ie4e8527649787dcf2391b326daa80cf1c9bd9d2f
28 lines
1.2 KiB
Plaintext
28 lines
1.2 KiB
Plaintext
allow system_server self:socket ioctl;
|
|
allowxperm system_server self:socket ioctl msm_sock_ipc_ioctls;
|
|
|
|
# TODO(b/36867326): Remove this once system_server no longer communicates over binder
|
|
binder_call(system_server, per_mgr)
|
|
binder_call(system_server, folio_daemon)
|
|
|
|
binder_call(system_server, hal_camera_default)
|
|
|
|
# TODO(b/36613917): Remove this once system_server no longer communicates with netmgrd over sockets.
|
|
typeattribute netmgrd socket_between_core_and_vendor_violators;
|
|
unix_socket_connect(system_server, netmgrd, netmgrd)
|
|
|
|
allow system_server netmgrd_socket:dir search;
|
|
allow system_server persist_file:dir search;
|
|
allow system_server persist_sensors_file:dir search;
|
|
allow system_server persist_sensors_file:file r_file_perms;
|
|
allow system_server location_data_file:dir create_dir_perms;
|
|
allow system_server location_data_file:file create_file_perms;
|
|
allow system_server wlan_device:chr_file rw_file_perms;
|
|
|
|
# TODO(b/30675296): Remove following dontaudit's upon resolution of this bug
|
|
# The timerslack_ns denials spam the system really horribly
|
|
dontaudit system_server audioserver:file write;
|
|
dontaudit system_server untrusted_app:file write;
|
|
dontaudit system_server hal_audio_default:file write;
|
|
dontaudit system_server appdomain:file write;
|