device_google_wahoo/sepolicy/system_server.te
Martijn Coenen 75573c0fe5 Updated SEPolicy for camera/composer/sensors.
Removes binder violations for camera/hwcomposer HALs.

Bug: 36683636
Bug: 37302783
Test: muskie/taimen boot, graphics/camera works
Change-Id: Id3996b3ca11e2c4cb1d0df10e0f4a456829b8f9b
2017-04-28 21:05:17 +00:00


# Device-specific type-enforcement rules for the system_server domain.
# Every rule here widens what system_server may do on this device, so each
# one should stay tied to a named need or a tracking bug.
#
# Generic socket ioctl on system_server's own sockets. The allowxperm line
# narrows the ioctl permission to the command set named msm_sock_ipc_ioctls
# (defined outside this file); other ioctl commands on this class stay denied.
allow system_server self:socket ioctl;
allowxperm system_server self:socket ioctl msm_sock_ipc_ioctls;
# TODO(b/36867326): Remove this once system_server no longer communicates over binder
# Binder IPC from system_server to three other domains, plus service_manager
# lookup of per_mgr_service. NOTE(review): the TODO above does not say which
# of the three binder_call lines it covers - confirm before removing any.
binder_call(system_server, per_mgr)
binder_call(system_server, folio_daemon)
binder_call(system_server, hal_camera_default)
allow system_server per_mgr_service:service_manager find;
# TODO(b/36613917): Remove this once system_server no longer communicates with netmgrd over sockets.
# The typeattribute line tags the whole netmgrd domain with
# socket_between_core_and_vendor_violators. NOTE(review): that attribute is
# presumably an exemption from a platform neverallow on core/vendor sockets,
# which would make this a tracked policy violation, not a steady state.
typeattribute netmgrd socket_between_core_and_vendor_violators;
unix_socket_connect(system_server, netmgrd, netmgrd)
allow system_server netmgrd_socket:dir search;
# Directory traversal into the persist types and read-only access to files
# labeled persist_sensors_file. No write access is granted here.
allow system_server persist_file:dir search;
allow system_server persist_sensors_file:dir search;
allow system_server persist_sensors_file:file r_file_perms;
# Create/manage permission sets on directories and files labeled
# location_data_file.
allow system_server location_data_file:dir create_dir_perms;
allow system_server location_data_file:file create_file_perms;
# Read/write on character devices labeled wlan_device.
allow system_server wlan_device:chr_file rw_file_perms;
# SECURITY NOTE(review): the block below declares system_server permissive,
# so denials for this domain are logged but not enforced. Judging by the
# macro name this applies to userdebug and eng builds only. On those builds
# a missing allow rule will not break anything, so testing there does not
# show that the rules in this file are sufficient or minimal under
# enforcement. No tracking bug is attached; it should carry one and be
# removed once the remaining denials are resolved.
userdebug_or_eng(`
permissive system_server;
')
# TODO(b/30675296): Remove following dontaudit's upon resolution of this bug
# The timerslack_ns denials spam the system really horribly
# dontaudit keeps the access denied and only suppresses the audit record.
# These rules match every denied file write from system_server to the listed
# targets, not just the timerslack_ns case, so unrelated denials against the
# same targets will also be missing from the audit log while they are here.
# NOTE(review): the appdomain rule targets an attribute and may already cover
# untrusted_app - confirm against the attribute definitions.
dontaudit system_server audioserver:file write;
dontaudit system_server untrusted_app:file write;
dontaudit system_server hal_audio_default:file write;
dontaudit system_server appdomain:file write;