PWN-Hunter/android_system_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
73d0a67b06
android_system_sepolicy/private/hal_allocator_default.te
Tri Vo 73d0a67b06 sepolicy for ashmemd 
all_untrusted_apps apart from untrusted_app_{25, 27} and mediaprovider
are now expected to go to ashmemd for /dev/ashmem fds.

Give coredomain access to ashmemd, because ashmemd is the default way
for coredomain to get a /dev/ashmem fd.

Bug: 113362644
Test: device boots, ashmemd running
Test: Chrome app works
Test: "lsof /system/lib64/libashmemd_client.so" shows
libashmemd_client.so being loaded into apps.
Change-Id: I279448c3104c5d08a1fefe31730488924ce1b37a
2019-02-05 21:38:14 +00:00

9 lines
276 B
Plaintext
Raw Blame History

type hal_allocator_default, domain, coredomain;
hal_server_domain(hal_allocator_default, hal_allocator)
type hal_allocator_default_exec, system_file_type, exec_type, file_type;
init_daemon_domain(hal_allocator_default)
# To talk to ashmemd
binder_use(hal_allocator_default)
Reference in New Issue View Git Blame Copy Permalink