Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix avc denied issue when accessing to IStats service

Browse source 
Originally we use isPriv=true but Exo APP is not located in priv-app
folder.
So has to remove isPriv=true and add into net_domain in order to network
accessing.
This is a clone cl updated from ag/13794482

Bug: 180594376
Test: manual test if there is avc denied
Change-Id: Icb5009248d10c23e772040aad8ac2fed849bafa0
This commit is contained in:
andychou 2021-03-08 18:31:07 +08:00
parent fc5a6a88db
commit ce711fd18e
2 changed files with 5 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

5
ambient/exo_app.te
View file

@ -1,6 +1,7 @@
type exo_app, domain;
type exo_app, coredomain, domain;
app_domain(exo_app)
net_domain(exo_app)
allow exo_app app_api_service:service_manager find;
allow exo_app audioserver_service:service_manager find;
@ -8,4 +9,6 @@ allow exo_app cameraserver_service:service_manager find;
allow exo_app mediaserver_service:service_manager find;
allow exo_app radio_service:service_manager find;
allow exo_app fwk_stats_hwservice:hwservice_manager find;
allow exo_app mediametrics_service:service_manager find;
binder_call(exo_app, statsd)

2
ambient/seapp_contexts
View file

@ -1,5 +1,5 @@
# Domain for Exo app
user=_app isPrivApp=true seinfo=platform name=com.google.pixel.exo domain=exo_app type=app_data_file levelFrom=all
user=_app seinfo=platform name=com.google.pixel.exo domain=exo_app type=app_data_file levelFrom=all
# Domain for Exo Wirecutter app
user=_app seinfo=wirecutter name=com.google.pixel.wirecutter domain=exo_wirecutter_app type=app_data_file levelFrom=all