Add sepolicy for gnssd

Bug: 265391808 Test: No avc denied Change-Id: Ib4645bc0f26ac261c7aae6f1b621303e88e09690
2023-07-14 13:55:44 +08:00 · 2023-07-14 13:55:44 +08:00 · e19e985013
commit e19e985013
parent 309ef096ac
2 changed files with 7 additions and 0 deletions
--- a/vendor/gnssd.te
+++ b/vendor/gnssd.te
@ -19,3 +19,8 @@ wakelock_use(gnssd)

 # Allow a base set of permissions required for network access.
 net_domain(gnssd);
+
+# Allow gnssd to get boot complete
+get_prop(gnssd, bootanim_system_prop)
+
+allow gnssd sysfs_soc:file r_file_perms;
--- a/vendor/hal_gnss_default.te
+++ b/vendor/hal_gnss_default.te
@ -0,0 +1,2 @@
+allow hal_gnss_default fwk_sensor_service:service_manager find;
+allow hal_gnss_default gnssd:unix_stream_socket connectto;