sepolicy for boot_control HAL service
Bug: 31864052 Test: Logging confirms service runs on boot Merged-In: I41e9e5c45d2d42886cdf7ff6d364e9e6e3df1ff4 Change-Id: I41e9e5c45d2d42886cdf7ff6d364e9e6e3df1ff4 Signed-off-by: Connor O'Brien <connoro@google.com>
This commit is contained in:
parent
367d90b6a4
commit
2370fc775c
@ -222,6 +222,7 @@
|
||||
/system/bin/hw/wifi_hal_legacy u:object_r:wifi_hal_legacy_exec:s0
|
||||
/system/fake-lib(64)?/libart.* u:object_r:libart_file:s0
|
||||
/system/lib(64)?/libart.* u:object_r:libart_file:s0
|
||||
/system/bin/hw/android.hardware.boot@1.0-service u:object_r:hal_boot_exec:s0
|
||||
/system/bin/hw/android.hardware.nfc@1.0-service u:object_r:android_hardware_nfc_1_0_service_exec:s0
|
||||
/system/bin/hw/android.hardware.vibrator@1.0-service u:object_r:android_hardware_vibrator_service_exec:s0
|
||||
/system/bin/hw/android.hardware.vr@1.0-service u:object_r:android_hardware_vr_exec:s0
|
||||
|
2
private/hal_boot.te
Normal file
2
private/hal_boot.te
Normal file
@ -0,0 +1,2 @@
|
||||
# may be started by init
|
||||
init_daemon_domain(hal_boot)
|
9
public/hal_boot.te
Normal file
9
public/hal_boot.te
Normal file
@ -0,0 +1,9 @@
|
||||
# boot_control subsystem
|
||||
type hal_boot, domain;
|
||||
type hal_boot_exec, exec_type, file_type;
|
||||
|
||||
# hwbinder access
|
||||
hwbinder_use(hal_boot)
|
||||
|
||||
# call into system_server process (callbacks)
|
||||
binder_call(hal_boot, system_server)
|
@ -147,6 +147,7 @@ allow system_server surfaceflinger:unix_stream_socket { read write setopt };
|
||||
|
||||
# Perform Binder IPC.
|
||||
binder_use(system_server)
|
||||
binder_call(system_server, hal_boot)
|
||||
binder_call(system_server, android_hardware_vibrator_service)
|
||||
binder_call(system_server, android_hardware_vr)
|
||||
binder_call(system_server, binderservicedomain)
|
||||
|
Loading…
Reference in New Issue
Block a user