Sepolicy update for Automotive Display Service
Bug: 140395359 Test: make sepolicy -j Change-Id: Ib6ddf55210d8a8ee4868359c88e3d177edce9610 Signed-off-by: Changyeon Jo <changyeon@google.com>
This commit is contained in:
parent
1d241db7e5
commit
741b9cd5ac
20
private/automotive_display_service.te
Normal file
20
private/automotive_display_service.te
Normal file
@ -0,0 +1,20 @@
|
||||
# Display service for Automotive
|
||||
type automotive_display, domain, coredomain;
|
||||
type automotive_display_exec, system_file_type, exec_type, file_type;
|
||||
|
||||
init_daemon_domain(automotive_display)
|
||||
|
||||
# Allow to use Binder IPC for SurfaceFlinger.
|
||||
binder_use(automotive_display)
|
||||
|
||||
# Allow to use HwBinder IPC for HAL implementations.
|
||||
hwbinder_use(automotive_display)
|
||||
|
||||
# Allow to read the target property.
|
||||
get_prop(automotive_display, hwservicemanager_prop)
|
||||
|
||||
# Allow to find SurfaceFlinger.
|
||||
allow automotive_display surfaceflinger_service:service_manager find;
|
||||
|
||||
# Allow client domain to do binder IPC to serverdomain.
|
||||
binder_call(automotive_display, surfaceflinger)
|
1
private/automotive_display_service_server.te
Normal file
1
private/automotive_display_service_server.te
Normal file
@ -0,0 +1 @@
|
||||
add_hwservice(automotive_display, fwk_automotive_display_hwservice)
|
@ -14,6 +14,8 @@
|
||||
app_integrity_service
|
||||
app_search_service
|
||||
auth_service
|
||||
automotive_display
|
||||
automotive_display_exec
|
||||
ashmem_libcutils_device
|
||||
blob_store_service
|
||||
binder_cache_system_server_prop
|
||||
@ -30,6 +32,7 @@
|
||||
device_config_sys_traced_prop
|
||||
exported_camera_prop
|
||||
file_integrity_service
|
||||
fwk_automotive_display_hwservice
|
||||
gmscore_app
|
||||
hal_can_bus_hwservice
|
||||
hal_can_controller_hwservice
|
||||
|
@ -343,6 +343,7 @@
|
||||
/system/bin/notify_traceur\.sh u:object_r:notify_traceur_exec:s0
|
||||
/system/bin/migrate_legacy_obb_data\.sh u:object_r:migrate_legacy_obb_data_exec:s0
|
||||
/system/bin/aidl_lazy_test_server u:object_r:aidl_lazy_test_server_exec:s0
|
||||
/system/bin/android\.frameworks\.automotive\.display@1\.0-service u:object_r:automotive_display_exec:s0
|
||||
|
||||
#############################
|
||||
# Vendor files
|
||||
|
@ -4,6 +4,7 @@ android.frameworks.displayservice::IDisplayService u:object_r:fwk_d
|
||||
android.frameworks.schedulerservice::ISchedulingPolicyService u:object_r:fwk_scheduler_hwservice:s0
|
||||
android.frameworks.sensorservice::ISensorManager u:object_r:fwk_sensor_hwservice:s0
|
||||
android.frameworks.stats::IStats u:object_r:fwk_stats_hwservice:s0
|
||||
android.frameworks.automotive.display::ICarWindowService u:object_r:fwk_automotive_display_hwservice:s0
|
||||
android.hardware.atrace::IAtraceDevice u:object_r:hal_atrace_hwservice:s0
|
||||
android.hardware.audio.effect::IEffectsFactory u:object_r:hal_audio_hwservice:s0
|
||||
android.hardware.audio::IDevicesFactory u:object_r:hal_audio_hwservice:s0
|
||||
|
@ -353,6 +353,7 @@ hal_attribute(wifi_supplicant);
|
||||
# from one core domain to another, without having to update the vendor image
|
||||
# which contains clients of this service.
|
||||
|
||||
attribute automotive_display_service_server;
|
||||
attribute camera_service_server;
|
||||
attribute display_service_server;
|
||||
attribute scheduler_service_server;
|
||||
|
@ -6,6 +6,7 @@ type fwk_display_hwservice, hwservice_manager_type, coredomain_hwservice, protec
|
||||
type fwk_scheduler_hwservice, hwservice_manager_type, coredomain_hwservice, protected_hwservice;
|
||||
type fwk_sensor_hwservice, hwservice_manager_type, coredomain_hwservice, protected_hwservice;
|
||||
type fwk_stats_hwservice, hwservice_manager_type, coredomain_hwservice, protected_hwservice;
|
||||
type fwk_automotive_display_hwservice, hwservice_manager_type, coredomain_hwservice, protected_hwservice;
|
||||
type hal_atrace_hwservice, hwservice_manager_type, protected_hwservice;
|
||||
type hal_audio_hwservice, hwservice_manager_type, protected_hwservice;
|
||||
type hal_audiocontrol_hwservice, hwservice_manager_type, protected_hwservice;
|
||||
|
Loading…
Reference in New Issue
Block a user