sdm845-common: Satisfy LiveDisplay with neverallows addressed
* On TREBLE devices, most coredomains should not access vendor_files. For this reason, vendor.display.color@1.0.so must be present in /system so that libsdm-disp-apis.so can dlopen it. Change-Id: I850b123ea23dd3e7cc74ee9708e781748561df06
This commit is contained in:
parent
fc0d900644
commit
439a75cfd4
@ -52,6 +52,9 @@ lib/libdpmframework.so
|
||||
lib/libdpmtcm.so
|
||||
-priv-app/dpmserviceapp/dpmserviceapp.apk
|
||||
|
||||
# Display postprocessing
|
||||
lib64/vendor.display.color@1.0.so
|
||||
|
||||
# IMS
|
||||
-app/uceShimService/uceShimService.apk
|
||||
etc/permissions/com.qualcomm.qti.imscmservice.xml
|
||||
|
@ -1,6 +1,6 @@
|
||||
type adsprpcd_file, file_type;
|
||||
type bt_firmware_file, file_type;
|
||||
type display_data_file, file_type;
|
||||
type display_data_file, data_file_type, core_data_file_type, file_type;
|
||||
type firmware_file, file_type;
|
||||
type ipacm-diag_exec, exec_type, vendor_file_type, file_type;
|
||||
type persist_file, file_type;
|
||||
|
@ -1,4 +1,4 @@
|
||||
type shal_livedisplay_default, domain;
|
||||
type shal_livedisplay_default, coredomain, domain;
|
||||
hal_server_domain(shal_livedisplay_default, hal_lineage_livedisplay)
|
||||
|
||||
type shal_livedisplay_default_exec, exec_type, file_type;
|
||||
@ -19,6 +19,7 @@ allow shal_livedisplay_default display_data_file:file create_file_perms;
|
||||
|
||||
# Allow LiveDisplay to access pps socket
|
||||
type mm-pp-daemon, domain;
|
||||
typeattribute mm-pp-daemon socket_between_core_and_vendor_violators;
|
||||
unix_socket_connect(shal_livedisplay_default, pps, mm-pp-daemon)
|
||||
|
||||
# Allow LiveDisplay to read display props
|
||||
|
Loading…
Reference in New Issue
Block a user