Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge "Fix selinux permissions errors for UwbService" into sc-dev am: b58243632d

Browse source 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14096432

Change-Id: Iffdeac5d97da71c279e83d61db670b71a7ec6b36
This commit is contained in:
Mat Bevilacqua 2021-04-08 02:37:23 +00:00 committed by Automerger Merge Worker
commit 8c46fe8986
7 changed files with 12 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

1
tracking_denials/kernel.te
View file

@ -3,5 +3,4 @@ dontaudit kernel kernel:perf_event { cpu };
dontaudit kernel kernel:perf_event { cpu }; dontaudit kernel kernel:perf_event { cpu };
userdebug_or_eng(` userdebug_or_eng(`
permissive kernel; permissive kernel;
permissive hal_uwb_default;
') ')

3
whitechapel/vendor/google/gmscore_app.te vendored Normal file
View file

@ -0,0 +1,3 @@
# Allow gmscore to use UwbService APIs
# TODO (b/183904955): remove
allow gmscore_app uwb_service:service_manager find;

2
whitechapel/vendor/google/hal_uwb_default.te vendored
View file

@ -1,3 +1,5 @@
type hal_uwb_default, domain; type hal_uwb_default, domain;
type hal_uwb_default_exec, vendor_file_type, exec_type, file_type; type hal_uwb_default_exec, vendor_file_type, exec_type, file_type;
init_daemon_domain(hal_uwb_default) init_daemon_domain(hal_uwb_default)
add_service(hal_uwb_default, hal_uwb_service)

1
whitechapel/vendor/google/service.te vendored
View file

@ -1,3 +1,4 @@
type hal_pixel_display_service, service_manager_type, vendor_service; type hal_pixel_display_service, service_manager_type, vendor_service;
type uwb_service, service_manager_type; type uwb_service, service_manager_type;
type touch_context_service, service_manager_type, vendor_service; type touch_context_service, service_manager_type, vendor_service;
type hal_uwb_service, service_manager_type, vendor_service;

1
whitechapel/vendor/google/service_contexts vendored
View file

@ -3,3 +3,4 @@ com.google.edgetpu.IEdgeTpuService/default u:object_r:edgetpu_se
com.google.hardware.pixel.display.IDisplay/default u:object_r:hal_pixel_display_service:s0 com.google.hardware.pixel.display.IDisplay/default u:object_r:hal_pixel_display_service:s0
com.google.input.ITouchContextService/default u:object_r:touch_context_service:s0 com.google.input.ITouchContextService/default u:object_r:touch_context_service:s0
uwb u:object_r:uwb_service:s0 uwb u:object_r:uwb_service:s0
hardware.qorvo.uwb.IUwb/default u:object_r:hal_uwb_service:s0

4
whitechapel/vendor/google/untrusted_app_all.te vendored
View file

@ -8,3 +8,7 @@ allow untrusted_app_all edgetpu_device:chr_file { getattr read write ioctl map }
# Allows Exoplayer(and other applications) access to the vstream-secure DMA-BUF heap # Allows Exoplayer(and other applications) access to the vstream-secure DMA-BUF heap
# for secure video playback # for secure video playback
allow untrusted_app_all dmabuf_system_secure_heap_device:chr_file r_file_perms; allow untrusted_app_all dmabuf_system_secure_heap_device:chr_file r_file_perms;
# Allows cts tests to test for UwbService presence
# TODO (b/183904955): remove
allow untrusted_app_all uwb_service:service_manager find;

1
whitechapel/vendor/google/uwb_service.te vendored Normal file
View file

@ -0,0 +1 @@
allow uwb_service hal_uwb_service:service_manager find;