PWN-Hunter/android_system_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Allow system_app to interact with Dumpstate HAL

Browse Source 
To let end user enable/disable the verbose vender logging,
a developer option is added into Settings app which need
directly interact with Dumpstate HAL. In the future, the
same function may be added into SystemUI, eg. as a
QuickSettings tile.

To allow both Settings app and system.ui, system_app is
the best candidate for the sepolicy change.

Bug: 148822215
Test: make && make RunSettingsRoboTests
Change-Id: Ic6ef497505719e07cc37518b78c9dc146cda2d2c
This commit is contained in:
Rambo Wang 2020-02-12 19:06:04 -08:00
parent a3b19be219
commit 8950e7a25b
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
private/system_app.te
View File

@ -78,6 +78,9 @@ binder_call(system_app, incidentd)
# Allow system apps to interact with gpuservice
binder_call(system_app, gpuservice)
# Allow system app to interact with Dumpstate HAL
hal_client_domain(system_app, hal_dumpstate)
allow system_app servicemanager:service_manager list;
# TODO: scope this down? Too broad?
allow system_app {