336d0fed4e
I took current AOSP policy as base, then removed sepolicy so that the set of type and attributes was a subset of types and attributes in Q sepolicy, with exception of those that have not yet been cleand up in current AOSP: mediaswcodec_server netd_socket mediaextractor_update_service thermalserviced thermalserviced_exec Bug: 133196056 Test: n/a Change-Id: I863429d61d3fad0272c1d3f1e429cd997513a74a Merged-In: I3e091652fa8d1757b1f71f7559186d5b32f000d5
13 lines
498 B
Plaintext
13 lines
498 B
Plaintext
# Allow HwBinder IPC from client to server, and vice versa for callbacks.
|
|
binder_call(hal_face_client, hal_face_server)
|
|
binder_call(hal_face_server, hal_face_client)
|
|
|
|
hal_attribute_hwservice(hal_face, hal_face_hwservice)
|
|
|
|
# Allow access to the ion memory allocation device.
|
|
allow hal_face ion_device:chr_file r_file_perms;
|
|
|
|
# Allow read/write access to the face template directory.
|
|
allow hal_face face_vendor_data_file:file create_file_perms;
|
|
allow hal_face face_vendor_data_file:dir rw_dir_perms;
|