fingerprint: Add new lable for capacitance fingerprint
u:object_r:hal_fingerprint_capacitance_exec:s0 android.hardware.biometrics.fingerprint-service.fpc42 Cherry-pick from ag/19085661 Bug: 235424180 Test: make selinux_policy -j128 Test: Check binary sepolicy on device Change-Id: I8859965df77356b4691292ab66dbbb8c0b9db3b3
This commit is contained in:
eddielan
parent
bc7b3c639c
commit
c16dc8d226
5 changed files with 30 additions and 0 deletions
|
|
@ -1,2 +1,5 @@
|
||||||
# sepolicy that are shared among devices using whitechapel
|
# sepolicy that are shared among devices using whitechapel
|
||||||
BOARD_SEPOLICY_DIRS += device/google/felix-sepolicy/vendor
|
BOARD_SEPOLICY_DIRS += device/google/felix-sepolicy/vendor
|
||||||
|
|
||||||
|
# Fingerprint
|
||||||
|
BOARD_SEPOLICY_DIRS += device/google/felix-sepolicy/fingerprint_capacitance
|
||||||
|
|
|
||||||
1
fingerprint_capacitance/file.te
Normal file
1
fingerprint_capacitance/file.te
Normal file
|
|
@ -0,0 +1 @@
|
||||||
|
type sysfs_fingerprint, sysfs_type, fs_type;
|
||||||
1
fingerprint_capacitance/file_contexts
Normal file
1
fingerprint_capacitance/file_contexts
Normal file
|
|
@ -0,0 +1 @@
|
||||||
|
/vendor/bin/hw/android\.hardware\.biometrics\.fingerprint-service\.fpc42 u:object_r:hal_fingerprint_capacitance_exec:s0
|
||||||
1
fingerprint_capacitance/genfs_contexts
Normal file
1
fingerprint_capacitance/genfs_contexts
Normal file
|
|
@ -0,0 +1 @@
|
||||||
|
genfscon sysfs /devices/platform/odm/odm:fp_fpc1020 u:object_r:sysfs_fingerprint:s0
|
||||||
24
fingerprint_capacitance/hal_fingerprint_capacitance.te
Normal file
24
fingerprint_capacitance/hal_fingerprint_capacitance.te
Normal file
|
|
@ -0,0 +1,24 @@
|
||||||
|
# hal_fingerprint_capacitance definition
|
||||||
|
type hal_fingerprint_capacitance, domain;
|
||||||
|
hal_server_domain(hal_fingerprint_capacitance, hal_fingerprint)
|
||||||
|
|
||||||
|
type hal_fingerprint_capacitance_exec, exec_type, vendor_file_type, file_type;
|
||||||
|
init_daemon_domain(hal_fingerprint_capacitance)
|
||||||
|
|
||||||
|
set_prop(hal_fingerprint_capacitance, vendor_fingerprint_prop)
|
||||||
|
|
||||||
|
# allow fingerprint to access file
|
||||||
|
allow hal_fingerprint_capacitance fingerprint_device:chr_file rw_file_perms;
|
||||||
|
allow hal_fingerprint_capacitance tee_device:chr_file rw_file_perms;
|
||||||
|
allow hal_fingerprint_capacitance sysfs_fingerprint:dir r_dir_perms;
|
||||||
|
allow hal_fingerprint_capacitance sysfs_fingerprint:file rw_file_perms;
|
||||||
|
|
||||||
|
# allow fingerprint to access power hal
|
||||||
|
hal_client_domain(hal_fingerprint_capacitance, hal_power);
|
||||||
|
|
||||||
|
# allow fingerprint to find fwk service
|
||||||
|
allow hal_fingerprint_capacitance fwk_stats_service:service_manager find;
|
||||||
|
|
||||||
|
# allow fingerprint to access input_device
|
||||||
|
allow hal_fingerprint_capacitance input_device:dir r_dir_perms;
|
||||||
|
allow hal_fingerprint_capacitance input_device:chr_file rw_file_perms;
|
||||||
Loading…
Add table
Add a link
Reference in a new issue