From 5aaa0f6044ba6e1c9f68507a13c15f13fdc4e3b3 Mon Sep 17 00:00:00 2001 From: Sungwoo choi Date: Wed, 23 Jun 2021 17:25:27 +0900 Subject: [PATCH] gs101-sepolicy: add oemrilservice_app.te Seperate oemrilservice_app.te from vendor_telephony_app.te. - target process: com.samsung.slsi.telephony.oemril - selabel: oemrilservice_app - allow to find app_api_service - allow to find radio_service - allow to find vendor HAL - a binder communication with rild Bug: 191830874 Test: Manual Signed-off-by: Sungwoo choi Change-Id: I5e31b4a16f0b4d25bf4889da0150084937354808 --- whitechapel/vendor/google/oemrilservice_app.te | 7 +++++++ whitechapel/vendor/google/rild.te | 1 + whitechapel/vendor/google/seapp_contexts | 3 +++ 3 files changed, 11 insertions(+) create mode 100644 whitechapel/vendor/google/oemrilservice_app.te diff --git a/whitechapel/vendor/google/oemrilservice_app.te b/whitechapel/vendor/google/oemrilservice_app.te new file mode 100644 index 00000000..6b3a319f --- /dev/null +++ b/whitechapel/vendor/google/oemrilservice_app.te @@ -0,0 +1,7 @@ +type oemrilservice_app, domain; +app_domain(oemrilservice_app) + +allow oemrilservice_app app_api_service:service_manager find; +allow oemrilservice_app radio_service:service_manager find; +allow oemrilservice_app hal_exynos_rild_hwservice:hwservice_manager find; +binder_call(oemrilservice_app, rild) diff --git a/whitechapel/vendor/google/rild.te b/whitechapel/vendor/google/rild.te index a39ab520..5fc2159c 100644 --- a/whitechapel/vendor/google/rild.te +++ b/whitechapel/vendor/google/rild.te @@ -25,6 +25,7 @@ binder_call(rild, platform_app) binder_call(rild, modem_svc_sit) binder_call(rild, vendor_ims_app) binder_call(rild, vendor_rcs_app) +binder_call(rild, oemrilservice_app) # for hal service add_hwservice(rild, hal_exynos_rild_hwservice) diff --git a/whitechapel/vendor/google/seapp_contexts b/whitechapel/vendor/google/seapp_contexts index b10941ac..10343969 100644 --- a/whitechapel/vendor/google/seapp_contexts +++ b/whitechapel/vendor/google/seapp_contexts @@ -6,6 +6,9 @@ user=system seinfo=platform name=com.samsung.slsi.telephony.uartswitch domain=ve user=system seinfo=platform name=com.samsung.slsi.sysdebugmode domain=vendor_telephony_app levelFrom=all user=system seinfo=platform name=com.samsung.slsi.telephony.networktestmode domain=vendor_telephony_app levelFrom=all +# oemrilservice +user=_app isPrivApp=true name=com.samsung.slsi.telephony.oemril domain=oemrilservice_app levelFrom=all + # Samsung S.LSI IMS user=_app isPrivApp=true name=com.shannon.imsservice domain=vendor_ims_app levelFrom=all user=_app isPrivApp=true name=com.shannon.imsservice:remote domain=vendor_ims_app levelFrom=all