Add 'sepolicy/' from tag 'android-15.0.0_r1'
git-subtree-dir: sepolicy git-subtree-mainline:5ac4bfe691git-subtree-split:8c9dd0dbcdChange-Id: If7ab7a231c42edd022de4786d0e0d92c6e77eef0
This commit is contained in:
Michael Bestas
commit
1f12b7b750
184 changed files with 3212 additions and 0 deletions
11
sepolicy/system_ext/private/pixeldisplayservice_app.te
Normal file
11
sepolicy/system_ext/private/pixeldisplayservice_app.te
Normal file
|
|
@ -0,0 +1,11 @@
|
|||
typeattribute pixeldisplayservice_app coredomain;
|
||||
|
||||
app_domain(pixeldisplayservice_app);
|
||||
|
||||
allow pixeldisplayservice_app proc_vendor_sched:dir r_dir_perms;
|
||||
allow pixeldisplayservice_app proc_vendor_sched:file w_file_perms;
|
||||
|
||||
# Standard system services
|
||||
allow pixeldisplayservice_app app_api_service:service_manager find;
|
||||
|
||||
allow pixeldisplayservice_app cameraserver_service:service_manager find;
|
||||
5
sepolicy/system_ext/private/pixelntnservice_app.te
Normal file
5
sepolicy/system_ext/private/pixelntnservice_app.te
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
typeattribute pixelntnservice_app coredomain;
|
||||
|
||||
app_domain(pixelntnservice_app);
|
||||
allow pixelntnservice_app app_api_service:service_manager find;
|
||||
set_prop(pixelntnservice_app, telephony_modem_prop)
|
||||
2
sepolicy/system_ext/private/platform_app.te
Normal file
2
sepolicy/system_ext/private/platform_app.te
Normal file
|
|
@ -0,0 +1,2 @@
|
|||
# allow systemui access to fingerprint
|
||||
hal_client_domain(platform_app, hal_fingerprint)
|
||||
6
sepolicy/system_ext/private/property_contexts
Normal file
6
sepolicy/system_ext/private/property_contexts
Normal file
|
|
@ -0,0 +1,6 @@
|
|||
# Telephony
|
||||
telephony.TnNtn.image_switch u:object_r:telephony_modem_prop:s0 exact enum ntn tn
|
||||
telephony.ril.silent_reset u:object_r:telephony_ril_prop:s0 exact bool
|
||||
|
||||
# HDCP setting of the display connected via USB port
|
||||
persist.sys.hdcp_checking u:object_r:usb_control_prop:s0 exact string
|
||||
9
sepolicy/system_ext/private/seapp_contexts
Normal file
9
sepolicy/system_ext/private/seapp_contexts
Normal file
|
|
@ -0,0 +1,9 @@
|
|||
# SystemUI
|
||||
user=_app seinfo=platform name=com.android.systemui domain=systemui_app type=app_data_file levelFrom=all
|
||||
user=_app seinfo=platform name=com.android.systemui:* domain=systemui_app type=app_data_file levelFrom=all
|
||||
|
||||
# PixelDisplayService
|
||||
user=_app seinfo=platform name=com.android.pixeldisplayservice domain=pixeldisplayservice_app type=app_data_file levelFrom=all
|
||||
|
||||
# PixelNtnService
|
||||
user=system seinfo=platform name=com.google.android.satellite domain=pixelntnservice_app type=app_data_file levelFrom=all
|
||||
27
sepolicy/system_ext/private/systemui_app.te
Normal file
27
sepolicy/system_ext/private/systemui_app.te
Normal file
|
|
@ -0,0 +1,27 @@
|
|||
typeattribute systemui_app coredomain;
|
||||
app_domain(systemui_app)
|
||||
|
||||
allow systemui_app app_api_service:service_manager find;
|
||||
allow systemui_app network_score_service:service_manager find;
|
||||
allow systemui_app overlay_service:service_manager find;
|
||||
allow systemui_app color_display_service:service_manager find;
|
||||
allow systemui_app audioserver_service:service_manager find;
|
||||
allow systemui_app cameraserver_service:service_manager find;
|
||||
allow systemui_app mediaserver_service:service_manager find;
|
||||
allow systemui_app mediaextractor_service:service_manager find;
|
||||
allow systemui_app mediametrics_service:service_manager find;
|
||||
allow systemui_app radio_service:service_manager find;
|
||||
allow systemui_app vr_manager_service:service_manager find;
|
||||
allow systemui_app nfc_service:service_manager find;
|
||||
allow systemui_app adb_service:service_manager find;
|
||||
allow systemui_app statsmanager_service:service_manager find;
|
||||
|
||||
get_prop(systemui_app, keyguard_config_prop)
|
||||
set_prop(systemui_app, bootanim_system_prop)
|
||||
get_prop(systemui_app, qemu_hw_prop)
|
||||
|
||||
# Allow writing and removing wmshell protolog in /data/misc/wmtrace.
|
||||
userdebug_or_eng(`
|
||||
allow systemui_app wm_trace_data_file:dir rw_dir_perms;
|
||||
allow systemui_app wm_trace_data_file:file create_file_perms;
|
||||
')
|
||||
1
sepolicy/system_ext/public/pixeldisplayservice_app.te
Normal file
1
sepolicy/system_ext/public/pixeldisplayservice_app.te
Normal file
|
|
@ -0,0 +1 @@
|
|||
type pixeldisplayservice_app, domain;
|
||||
1
sepolicy/system_ext/public/pixelntnservice_app.te
Normal file
1
sepolicy/system_ext/public/pixelntnservice_app.te
Normal file
|
|
@ -0,0 +1 @@
|
|||
type pixelntnservice_app, domain;
|
||||
7
sepolicy/system_ext/public/property.te
Normal file
7
sepolicy/system_ext/public/property.te
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
# Telephony
|
||||
system_public_prop(telephony_ril_prop)
|
||||
system_restricted_prop(telephony_modem_prop)
|
||||
|
||||
userdebug_or_eng(`
|
||||
set_prop(shell, telephony_ril_prop)
|
||||
')
|
||||
1
sepolicy/system_ext/public/systemui_app.te
Normal file
1
sepolicy/system_ext/public/systemui_app.te
Normal file
|
|
@ -0,0 +1 @@
|
|||
type systemui_app, domain;
|
||||
Loading…
Add table
Add a link
Reference in a new issue