Merge tm-qpr-dev-plus-aosp-without-vendor@9129937
Bug: 248070379 Merged-In: Icc3762cef7f9766d845f1e1a56af1315fc97163b Change-Id: Ic16e04d8670d4e1607d8c64c39cd6376aceed1ba
This commit is contained in:
Xin Li
commit
b36d9e6b41
16 changed files with 52 additions and 14 deletions
|
|
@ -47,3 +47,7 @@ allow hal_neuralnetworks_darwinn sysfs_edgetpu:file r_file_perms;
|
|||
# Allows the NNAPI HAL to access the edgetpu_app_service
|
||||
allow hal_neuralnetworks_darwinn edgetpu_app_service:service_manager find;
|
||||
binder_call(hal_neuralnetworks_darwinn, edgetpu_app_server);
|
||||
|
||||
# Allow NNAPI HAL to send trace packets to Perfetto with SELinux enabled
|
||||
# under userdebug builds.
|
||||
userdebug_or_eng(`perfetto_producer(hal_neuralnetworks_darwinn)')
|
||||
|
|
|
|||
|
|
@ -1,5 +0,0 @@
|
|||
# Radio
|
||||
type radio_vendor_data_file, file_type, data_file_type;
|
||||
userdebug_or_eng(`
|
||||
typeattribute radio_vendor_data_file mlstrustedobject;
|
||||
')
|
||||
|
|
@ -1,5 +1,3 @@
|
|||
# ECC List
|
||||
/vendor/bin/init\.radio\.sh u:object_r:init_radio_exec:s0
|
||||
# Radio files.
|
||||
/data/vendor/radio(/.*)? u:object_r:radio_vendor_data_file:s0
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +0,0 @@
|
|||
# b/178980085
|
||||
dontaudit hal_camera_default system_data_file:dir { search };
|
||||
# b/180567725
|
||||
dontaudit hal_camera_default traced:unix_stream_socket { connectto };
|
||||
dontaudit hal_camera_default traced_producer_socket:sock_file { write };
|
||||
|
|
@ -10,3 +10,7 @@ type persist_sensor_reg_file, file_type, vendor_persist_type;
|
|||
# end with "data_file".
|
||||
type sensor_reg_data_file, file_type, data_file_type;
|
||||
|
||||
# Declare the sensor debug data file type. By convention, data file types
|
||||
# end with "data_file".
|
||||
type sensor_debug_data_file, file_type, data_file_type;
|
||||
|
||||
|
|
|
|||
|
|
@ -8,3 +8,5 @@
|
|||
# Sensor registry data files.
|
||||
/data/vendor/sensors/registry(/.*)? u:object_r:sensor_reg_data_file:s0
|
||||
|
||||
# Sensor debug data files.
|
||||
/data/vendor/sensors/debug(/.*)? u:object_r:sensor_debug_data_file:s0
|
||||
|
|
|
|||
|
|
@ -12,6 +12,12 @@ r_dir_file(hal_sensors_default, persist_camera_file)
|
|||
allow hal_sensors_default sensor_reg_data_file:dir rw_dir_perms;
|
||||
allow hal_sensors_default sensor_reg_data_file:file create_file_perms;
|
||||
|
||||
userdebug_or_eng(`
|
||||
# Allow creation and writing of sensor debug data files.
|
||||
allow hal_sensors_default sensor_debug_data_file:dir rw_dir_perms;
|
||||
allow hal_sensors_default sensor_debug_data_file:file create_file_perms;
|
||||
')
|
||||
|
||||
# Allow access to the AoC communication driver.
|
||||
allow hal_sensors_default aoc_device:chr_file rw_file_perms;
|
||||
|
||||
|
|
|
|||
6
whitechapel/vendor/google/file.te
vendored
6
whitechapel/vendor/google/file.te
vendored
|
|
@ -212,3 +212,9 @@ type sysfs_trusty, sysfs_type, fs_type;
|
|||
|
||||
# BootControl
|
||||
type sysfs_bootctl, sysfs_type, fs_type;
|
||||
|
||||
# Radio
|
||||
type radio_vendor_data_file, file_type, data_file_type;
|
||||
userdebug_or_eng(`
|
||||
typeattribute radio_vendor_data_file mlstrustedobject;
|
||||
')
|
||||
|
|
|
|||
6
whitechapel/vendor/google/file_contexts
vendored
6
whitechapel/vendor/google/file_contexts
vendored
|
|
@ -285,7 +285,7 @@
|
|||
/vendor/bin/hw/disable_contaminant_detection\.sh u:object_r:disable-contaminant-detection-sh_exec:s0
|
||||
|
||||
# NFC
|
||||
/(vendor|system/vendor)/bin/hw/android\.hardware\.nfc@1\.2-service\.st u:object_r:hal_nfc_default_exec:s0
|
||||
/(vendor|system/vendor)/bin/hw/android\.hardware\.nfc-service\.st u:object_r:hal_nfc_default_exec:s0
|
||||
/dev/st21nfc u:object_r:nfc_device:s0
|
||||
/data/nfc(/.*)? u:object_r:nfc_data_file:s0
|
||||
|
||||
|
|
@ -319,6 +319,8 @@
|
|||
/dev/acd-debug u:object_r:aoc_device:s0
|
||||
/dev/acd-audio_tap[0-9]* u:object_r:aoc_device:s0
|
||||
/dev/acd-audio_dcdoff_ref u:object_r:aoc_device:s0
|
||||
/dev/acd-audio_ap_offload_rx u:object_r:aoc_device:s0
|
||||
/dev/acd-audio_ap_offload_tx u:object_r:aoc_device:s0
|
||||
/dev/amcs u:object_r:amcs_device:s0
|
||||
|
||||
# AudioMetric
|
||||
|
|
@ -434,3 +436,5 @@
|
|||
# Raw HID device
|
||||
/dev/hidraw[0-9]* u:object_r:hidraw_device:s0
|
||||
|
||||
# Radio files.
|
||||
/data/vendor/radio(/.*)? u:object_r:radio_vendor_data_file:s0
|
||||
|
|
|
|||
4
whitechapel/vendor/google/genfs_contexts
vendored
4
whitechapel/vendor/google/genfs_contexts
vendored
|
|
@ -14,7 +14,8 @@ genfscon sysfs /devices/platform/19000000.aoc/control/audio_wakeup u:ob
|
|||
genfscon sysfs /devices/platform/19000000.aoc/control/logging_wakeup u:object_r:sysfs_aoc_dumpstate:s0
|
||||
genfscon sysfs /devices/platform/19000000.aoc/control/hotword_wakeup u:object_r:sysfs_aoc_dumpstate:s0
|
||||
genfscon sysfs /devices/platform/19000000.aoc/control/memory_exception u:object_r:sysfs_aoc_dumpstate:s0
|
||||
genfscon sysfs /devices/platform/19000000.aoc/control/memory_votes u:object_r:sysfs_aoc_dumpstate:s0
|
||||
genfscon sysfs /devices/platform/19000000.aoc/control/memory_votes_a32 u:object_r:sysfs_aoc_dumpstate:s0
|
||||
genfscon sysfs /devices/platform/19000000.aoc/control/memory_votes_ff1 u:object_r:sysfs_aoc_dumpstate:s0
|
||||
|
||||
# WiFi
|
||||
genfscon sysfs /wifi u:object_r:sysfs_wifi:s0
|
||||
|
|
@ -486,6 +487,7 @@ genfscon sysfs /devices/platform/audiometrics/speaker_temp u:object_
|
|||
genfscon sysfs /devices/platform/audiometrics/mic_broken_degrade u:object_r:sysfs_pixelstats:s0
|
||||
genfscon sysfs /devices/platform/audiometrics/codec_crashed_counter u:object_r:sysfs_pixelstats:s0
|
||||
genfscon sysfs /devices/platform/audiometrics/hwinfo_part_number u:object_r:sysfs_pixelstats:s0
|
||||
genfscon sysfs /devices/platform/audiometrics/ams_rate_read_once u:object_r:sysfs_pixelstats:s0
|
||||
|
||||
# SJTAG
|
||||
genfscon sysfs /devices/platform/sjtag_ap/interface u:object_r:sysfs_sjtag:s0
|
||||
|
|
|
|||
|
|
@ -96,3 +96,11 @@ allow hal_camera_default proc_interrupts:file r_file_perms;
|
|||
|
||||
# Allow camera HAL to send trace packets to Perfetto
|
||||
userdebug_or_eng(`perfetto_producer(hal_camera_default)')
|
||||
|
||||
# Some file searches attempt to access system data and are denied.
|
||||
# This is benign and can be ignored.
|
||||
dontaudit hal_camera_default system_data_file:dir { search };
|
||||
|
||||
# google3 prebuilts attempt to connect to the wrong trace socket, ignore them.
|
||||
dontaudit hal_camera_default traced:unix_stream_socket { connectto };
|
||||
dontaudit hal_camera_default traced_producer_socket:sock_file { write };
|
||||
|
|
@ -35,6 +35,10 @@ allow hal_dumpstate_default vendor_log_file:dir search;
|
|||
allow hal_dumpstate_default vendor_usf_stats:file execute_no_trans;
|
||||
allow hal_dumpstate_default vendor_usf_reg_edit:file execute_no_trans;
|
||||
allow hal_dumpstate_default vendor_dumpsys:file execute_no_trans;
|
||||
userdebug_or_eng(`
|
||||
allow hal_dumpstate_default sensor_debug_data_file:dir r_dir_perms;
|
||||
allow hal_dumpstate_default sensor_debug_data_file:file r_file_perms;
|
||||
')
|
||||
|
||||
allow hal_dumpstate_default sscoredump_vendor_data_crashinfo_file:dir r_dir_perms;
|
||||
allow hal_dumpstate_default sscoredump_vendor_data_crashinfo_file:file r_file_perms;
|
||||
|
|
|
|||
4
whitechapel/vendor/google/logger_app.te
vendored
4
whitechapel/vendor/google/logger_app.te
vendored
|
|
@ -5,6 +5,10 @@ userdebug_or_eng(`
|
|||
allow logger_app vendor_gps_file:file create_file_perms;
|
||||
allow logger_app vendor_gps_file:dir create_dir_perms;
|
||||
allow logger_app sysfs_sscoredump_level:file r_file_perms;
|
||||
allow logger_app hal_exynos_rild_hwservice:hwservice_manager find;
|
||||
|
||||
binder_call(logger_app, rild)
|
||||
|
||||
r_dir_file(logger_app, ramdump_vendor_data_file)
|
||||
r_dir_file(logger_app, sscoredump_vendor_data_coredump_file)
|
||||
r_dir_file(logger_app, sscoredump_vendor_data_crashinfo_file)
|
||||
|
|
|
|||
3
whitechapel/vendor/google/modem_svc_sit.te
vendored
3
whitechapel/vendor/google/modem_svc_sit.te
vendored
|
|
@ -27,3 +27,6 @@ get_prop(modem_svc_sit, vendor_rild_prop)
|
|||
# hwservice permission
|
||||
allow modem_svc_sit hal_exynos_rild_hwservice:hwservice_manager find;
|
||||
get_prop(modem_svc_sit, hwservicemanager_prop)
|
||||
|
||||
# logging property
|
||||
get_prop(modem_svc_sit, vendor_logger_prop)
|
||||
|
|
|
|||
2
whitechapel/vendor/google/property_contexts
vendored
2
whitechapel/vendor/google/property_contexts
vendored
|
|
@ -61,6 +61,8 @@ vendor.audiodump.log.ondemand u:object_r:vendor_audio_prop:s0
|
|||
vendor.audiodump.log.config u:object_r:vendor_audio_prop:s0
|
||||
vendor.audiodump.output.dir u:object_r:vendor_audio_prop:s0
|
||||
vendor.audiodump.encode.disable u:object_r:vendor_audio_prop:s0
|
||||
vendor.audiodump.log.cca.updated u:object_r:vendor_audio_prop:s0
|
||||
vendor.audiodump.cca.config u:object_r:vendor_audio_prop:s0
|
||||
|
||||
|
||||
# for display
|
||||
|
|
|
|||
1
whitechapel/vendor/google/rild.te
vendored
1
whitechapel/vendor/google/rild.te
vendored
|
|
@ -26,6 +26,7 @@ binder_call(rild, modem_svc_sit)
|
|||
binder_call(rild, vendor_ims_app)
|
||||
binder_call(rild, vendor_rcs_app)
|
||||
binder_call(rild, oemrilservice_app)
|
||||
binder_call(rild, logger_app)
|
||||
|
||||
# for hal service
|
||||
add_hwservice(rild, hal_exynos_rild_hwservice)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue