From 7b19701919afc5dc1a506ac303f9a6a3ae617417 Mon Sep 17 00:00:00 2001 From: Wilson Sung Date: Fri, 9 Jun 2023 17:44:02 +0800 Subject: [PATCH 1/2] Move systemui_app to system_ext Bug: 283841311 Bug: 264266705 Change-Id: I6c2f167cda9a52da4698f3732c9fdbb13674bea8 --- system_ext/private/systemui_app.te | 20 ++++++++++++++++++++ system_ext/public/systemui_app.te | 1 + vendor/systemui_app.te | 20 -------------------- 3 files changed, 21 insertions(+), 20 deletions(-) create mode 100644 system_ext/private/systemui_app.te create mode 100644 system_ext/public/systemui_app.te diff --git a/system_ext/private/systemui_app.te b/system_ext/private/systemui_app.te new file mode 100644 index 00000000..251a36e7 --- /dev/null +++ b/system_ext/private/systemui_app.te @@ -0,0 +1,20 @@ +typeattribute systemui_app coredomain; +app_domain(systemui_app) + +allow systemui_app app_api_service:service_manager find; +allow systemui_app network_score_service:service_manager find; +allow systemui_app overlay_service:service_manager find; +allow systemui_app color_display_service:service_manager find; +allow systemui_app audioserver_service:service_manager find; +allow systemui_app cameraserver_service:service_manager find; +allow systemui_app mediaserver_service:service_manager find; +allow systemui_app mediaextractor_service:service_manager find; +allow systemui_app mediametrics_service:service_manager find; +allow systemui_app radio_service:service_manager find; +allow systemui_app vr_manager_service:service_manager find; +allow systemui_app nfc_service:service_manager find; +allow systemui_app adb_service:service_manager find; + +get_prop(systemui_app, keyguard_config_prop) +set_prop(systemui_app, bootanim_system_prop) +get_prop(systemui_app, qemu_hw_prop) diff --git a/system_ext/public/systemui_app.te b/system_ext/public/systemui_app.te new file mode 100644 index 00000000..cb101a63 --- /dev/null +++ b/system_ext/public/systemui_app.te @@ -0,0 +1 @@ +type systemui_app, domain; diff --git a/vendor/systemui_app.te b/vendor/systemui_app.te index 4188dc69..034dd0a5 100644 --- a/vendor/systemui_app.te +++ b/vendor/systemui_app.te @@ -1,23 +1,3 @@ -type systemui_app, domain, coredomain; -app_domain(systemui_app) -allow systemui_app app_api_service:service_manager find; -allow systemui_app network_score_service:service_manager find; -allow systemui_app overlay_service:service_manager find; -allow systemui_app color_display_service:service_manager find; -allow systemui_app audioserver_service:service_manager find; -allow systemui_app cameraserver_service:service_manager find; -allow systemui_app mediaserver_service:service_manager find; -allow systemui_app mediaextractor_service:service_manager find; -allow systemui_app mediametrics_service:service_manager find; -allow systemui_app radio_service:service_manager find; -allow systemui_app vr_manager_service:service_manager find; -allow systemui_app nfc_service:service_manager find; -allow systemui_app adb_service:service_manager find; - -get_prop(systemui_app, keyguard_config_prop) -set_prop(systemui_app, bootanim_system_prop) -get_prop(systemui_app, qemu_hw_prop) - allow systemui_app pixel_battery_service_type:service_manager find; binder_call(systemui_app, pixel_battery_domain) From 5ac528406e718d6bc1612f09c5b85b6d1ce66d03 Mon Sep 17 00:00:00 2001 From: Wilson Sung Date: Fri, 9 Jun 2023 18:20:58 +0800 Subject: [PATCH 2/2] Allow systemui_app access statsmanager_service Bug: 283841311 Change-Id: Id3c2838179736b42070959b3dad7c2ecd5580f22 --- system_ext/private/systemui_app.te | 2 ++ 1 file changed, 2 insertions(+) diff --git a/system_ext/private/systemui_app.te b/system_ext/private/systemui_app.te index 251a36e7..074f500f 100644 --- a/system_ext/private/systemui_app.te +++ b/system_ext/private/systemui_app.te @@ -14,7 +14,9 @@ allow systemui_app radio_service:service_manager find; allow systemui_app vr_manager_service:service_manager find; allow systemui_app nfc_service:service_manager find; allow systemui_app adb_service:service_manager find; +allow systemui_app statsmanager_service:service_manager find; get_prop(systemui_app, keyguard_config_prop) set_prop(systemui_app, bootanim_system_prop) get_prop(systemui_app, qemu_hw_prop) +