Merge "Fix denials for ril_config_service_app" into sc-dev am: 835a255138

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13960264

Change-Id: I5494cde9c8f7b4c04220d19e5b614a7560407445
This commit is contained in:
TreeHugger Robot 2021-03-24 01:35:47 +00:00 committed by Automerger Merge Worker
commit 3a05b06511
2 changed files with 12 additions and 0 deletions

View file

@ -0,0 +1,9 @@
type ril_config_service_app, domain;
app_domain(ril_config_service_app)
set_prop(ril_config_service_app, vendor_rild_prop)
allow ril_config_service_app app_api_service:service_manager find;
allow ril_config_service_app radio_vendor_data_file:dir rw_dir_perms;
allow ril_config_service_app radio_vendor_data_file:file create_file_perms;
dontaudit ril_config_service_app system_data_file:dir search;
dontaudit ril_config_service_app user_profile_root_file:dir search;

View file

@ -37,3 +37,6 @@ user=_app isPrivApp=true seinfo=mds name=com.google.mds domain=modem_diagnostic_
# Domain for connectivity monitor
user=_app isPrivApp=true seinfo=platform name=com.google.android.connectivitymonitor domain=con_monitor_app type=app_data_file levelFrom=all
# RIL Config Service
user=radio isPrivApp=true seinfo=platform name=com.google.RilConfigService domain=ril_config_service_app type=app_data_file