Merge "[RCS] Add sepolicy for RCS as non-system app" into sc-dev
This commit is contained in:
TreeHugger Robot
Android (Google) Code Review
commit
be1f56dba1
6 changed files with 26 additions and 0 deletions
3
tracking_denials/vendor_rcs_app.te
Normal file
3
tracking_denials/vendor_rcs_app.te
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
# b/183935382
|
||||
dontaudit vendor_rcs_app default_prop:file { read };
|
||||
dontaudit vendor_rcs_app default_prop:file { read };
|
||||
1
whitechapel/vendor/google/property.te
vendored
1
whitechapel/vendor/google/property.te
vendored
|
|
@ -1,6 +1,7 @@
|
|||
# For Exynos Properties
|
||||
vendor_internal_prop(vendor_prop)
|
||||
vendor_internal_prop(vendor_ims_prop)
|
||||
vendor_internal_prop(vendor_rcs_prop)
|
||||
vendor_internal_prop(vendor_rild_prop)
|
||||
vendor_internal_prop(vendor_slog_prop)
|
||||
vendor_internal_prop(sensors_prop)
|
||||
|
|
|
|||
1
whitechapel/vendor/google/rild.te
vendored
1
whitechapel/vendor/google/rild.te
vendored
|
|
@ -24,6 +24,7 @@ binder_call(rild, hal_secure_element_default)
|
|||
binder_call(rild, platform_app)
|
||||
binder_call(rild, modem_svc_sit)
|
||||
binder_call(rild, vendor_ims_app)
|
||||
binder_call(rild, vendor_rcs_app)
|
||||
|
||||
# for hal service
|
||||
add_hwservice(rild, hal_exynos_rild_hwservice)
|
||||
|
|
|
|||
2
whitechapel/vendor/google/seapp_contexts
vendored
2
whitechapel/vendor/google/seapp_contexts
vendored
|
|
@ -9,6 +9,8 @@ user=system seinfo=platform name=com.samsung.slsi.telephony.networktestmode doma
|
|||
# Samsung S.LSI IMS
|
||||
user=_app isPrivApp=true name=com.shannon.imsservice domain=vendor_ims_app levelFrom=all
|
||||
user=_app isPrivApp=true name=com.shannon.imsservice:remote domain=vendor_ims_app levelFrom=all
|
||||
user=_app isPrivApp=true name=com.shannon.rcsservice domain=vendor_rcs_app levelFrom=all
|
||||
user=_app isPrivApp=true name=com.shannon.rcsservice:remote domain=vendor_rcs_app levelFrom=all
|
||||
user=_app isPrivApp=true name=com.shannon.qualifiednetworksservice domain=vendor_ims_app levelFrom=all
|
||||
|
||||
# coredump/ramdump
|
||||
|
|
|
|||
1
whitechapel/vendor/google/vendor_init.te
vendored
1
whitechapel/vendor/google/vendor_init.te
vendored
|
|
@ -6,6 +6,7 @@ set_prop(vendor_init, vendor_usb_config_prop)
|
|||
set_prop(vendor_init, vendor_slog_prop)
|
||||
set_prop(vendor_init, vendor_sys_default_prop)
|
||||
set_prop(vendor_init, vendor_ims_prop)
|
||||
set_prop(vendor_init, vendor_rcs_prop)
|
||||
set_prop(vendor_init, vendor_ssrdump_prop)
|
||||
set_prop(vendor_init, vendor_ro_config_default_prop)
|
||||
get_prop(vendor_init, vendor_touchpanel_prop)
|
||||
|
|
|
|||
18
whitechapel/vendor/google/vendor_rcs_app.te
vendored
Normal file
18
whitechapel/vendor/google/vendor_rcs_app.te
vendored
Normal file
|
|
@ -0,0 +1,18 @@
|
|||
type vendor_rcs_app, domain;
|
||||
app_domain(vendor_rcs_app)
|
||||
net_domain(vendor_rcs_app)
|
||||
|
||||
allow vendor_rcs_app app_api_service:service_manager find;
|
||||
allow vendor_rcs_app audioserver_service:service_manager find;
|
||||
allow vendor_rcs_app radio_service:service_manager find;
|
||||
allow vendor_rcs_app mediaserver_service:service_manager find;
|
||||
allow vendor_rcs_app cameraserver_service:service_manager find;
|
||||
|
||||
allow vendor_rcs_app privapp_data_file:dir create_dir_perms;
|
||||
allow vendor_rcs_app privapp_data_file:file create_file_perms;
|
||||
|
||||
allow vendor_rcs_app hal_exynos_rild_hwservice:hwservice_manager find;
|
||||
|
||||
binder_call(vendor_rcs_app, rild)
|
||||
set_prop(vendor_rcs_app, vendor_rild_prop)
|
||||
set_prop(vendor_rcs_app, radio_prop)
|
||||
Loading…
Add table
Add a link
Reference in a new issue