a4fa4427bc
Allows bugreport generation Bug: 315255760 Bug: 309379465 Test: abd bugreport & ensure lack of rls avc denied logs Change-Id: Ic390d6ddd6bac78e5979c78bc6d02262f08b3468
38 lines
No EOL
1.1 KiB
Text
38 lines
No EOL
1.1 KiB
Text
type rlsservice, domain;
|
|
type rlsservice_exec, exec_type, vendor_file_type, file_type;
|
|
|
|
init_daemon_domain(rlsservice)
|
|
vndbinder_use(rlsservice)
|
|
add_service(rlsservice, rls_service)
|
|
|
|
|
|
# access rainbow sensor calibration files
|
|
allow rlsservice persist_file:dir search;
|
|
allow rlsservice persist_camera_file:dir search;
|
|
allow rlsservice persist_camera_file:file r_file_perms;
|
|
allow rlsservice mnt_vendor_file:dir search;
|
|
|
|
# access device files
|
|
allow rlsservice rls_device:chr_file rw_file_perms;
|
|
|
|
binder_call(rlsservice, hal_camera_default)
|
|
binder_call(rlsservice, servicemanager)
|
|
|
|
|
|
# Allow access to display backlight information
|
|
allow rlsservice sysfs_leds:dir search;
|
|
allow rlsservice sysfs_leds:file r_file_perms;
|
|
|
|
# Allow access to always-on compute device node
|
|
allow rlsservice device:dir r_file_perms;
|
|
allow rlsservice aoc_device:chr_file rw_file_perms;
|
|
|
|
# For observing apex file changes
|
|
allow rlsservice apex_info_file:file r_file_perms;
|
|
|
|
# Allow read camera property
|
|
get_prop(rlsservice, vendor_camera_prop);
|
|
|
|
# Allow rlsservice bugreport generation
|
|
allow rlsservice dumpstate:fd use;
|
|
allow rlsservice dumpstate:fifo_file write; |