Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge "Add system_ui required policy" into udc-d1-dev

Browse source
This commit is contained in:
Wilson Sung 2023-03-09 07:05:32 +00:00 committed by Android (Google) Code Review
commit 2492786d15
2 changed files with 14 additions and 29 deletions
Download patch file Download diff file Expand all files Collapse all files

27
tracking_denials/systemui_app.te
View file

@ -1,27 +0,0 @@
# b/268572197
dontaudit systemui_app cameraserver_service:service_manager { find };
dontaudit systemui_app color_display_service:service_manager { find };
dontaudit systemui_app default_android_service:service_manager { find };
dontaudit systemui_app hal_wireless_charger:binder { call };
dontaudit systemui_app hal_wireless_charger:binder { transfer };
dontaudit systemui_app hal_wireless_charger_service:service_manager { find };
dontaudit systemui_app keyguard_config_prop:file { getattr };
dontaudit systemui_app keyguard_config_prop:file { map };
dontaudit systemui_app keyguard_config_prop:file { open };
dontaudit systemui_app keyguard_config_prop:file { read };
dontaudit systemui_app mediaextractor_service:service_manager { find };
dontaudit systemui_app mediametrics_service:service_manager { find };
dontaudit systemui_app mediaserver_service:service_manager { find };
dontaudit systemui_app network_score_service:service_manager { find };
dontaudit systemui_app overlay_service:service_manager { find };
dontaudit systemui_app qemu_hw_prop:file { getattr };
dontaudit systemui_app qemu_hw_prop:file { map };
dontaudit systemui_app qemu_hw_prop:file { open };
dontaudit systemui_app radio_service:service_manager { find };
dontaudit systemui_app vr_manager_service:service_manager { find };
dontaudit systemui_app service_manager_type:service_manager *;
# b/269813282
dontaudit systemui_app bootanim_system_prop:property_service { set };
dontaudit systemui_app init:unix_stream_socket { connectto };
dontaudit systemui_app property_socket:sock_file { write };
dontaudit systemui_app qemu_hw_prop:file { read };

16
vendor/systemui_app.te vendored
View file

@ -1,7 +1,19 @@
type systemui_app, domain;
type systemui_app, domain, coredomain;
app_domain(systemui_app)
allow systemui_app app_api_service:service_manager find;
allow systemui_app network_score_service:service_manager find;
allow systemui_app overlay_service:service_manager find;
allow systemui_app color_display_service:service_manager find;
get_prop(systemui_app, keyguard_config_prop)
set_prop(systemui_app, bootanim_system_prop)
allow systemui_app pixel_battery_service_type:service_manager find;
binder_call(systemui_app, pixel_battery_domain)
allow systemui_app touch_context_service:service_manager find;
binder_call(systemui_app, twoshay)
# WLC
allow systemui_app hal_wireless_charger_service:service_manager find;
binder_call(systemui_app, hal_wireless_charger)
binder_call(systemui_app, hal_wireless_charger)