Merge "Revert "Add system_ui required policy"" into udc-d1-dev
This commit is contained in:
Chih Wei Chang
Android (Google) Code Review
commit
455363e7c0
3 changed files with 33 additions and 11 deletions
4
tracking_denials/systemui.te
Normal file
4
tracking_denials/systemui.te
Normal file
|
|
@ -0,0 +1,4 @@
|
|||
# b/264266705
|
||||
userdebug_or_eng(`
|
||||
permissive systemui_app;
|
||||
')
|
||||
27
tracking_denials/systemui_app.te
Normal file
27
tracking_denials/systemui_app.te
Normal file
|
|
@ -0,0 +1,27 @@
|
|||
# b/268572197
|
||||
dontaudit systemui_app cameraserver_service:service_manager { find };
|
||||
dontaudit systemui_app color_display_service:service_manager { find };
|
||||
dontaudit systemui_app default_android_service:service_manager { find };
|
||||
dontaudit systemui_app hal_wireless_charger:binder { call };
|
||||
dontaudit systemui_app hal_wireless_charger:binder { transfer };
|
||||
dontaudit systemui_app hal_wireless_charger_service:service_manager { find };
|
||||
dontaudit systemui_app keyguard_config_prop:file { getattr };
|
||||
dontaudit systemui_app keyguard_config_prop:file { map };
|
||||
dontaudit systemui_app keyguard_config_prop:file { open };
|
||||
dontaudit systemui_app keyguard_config_prop:file { read };
|
||||
dontaudit systemui_app mediaextractor_service:service_manager { find };
|
||||
dontaudit systemui_app mediametrics_service:service_manager { find };
|
||||
dontaudit systemui_app mediaserver_service:service_manager { find };
|
||||
dontaudit systemui_app network_score_service:service_manager { find };
|
||||
dontaudit systemui_app overlay_service:service_manager { find };
|
||||
dontaudit systemui_app qemu_hw_prop:file { getattr };
|
||||
dontaudit systemui_app qemu_hw_prop:file { map };
|
||||
dontaudit systemui_app qemu_hw_prop:file { open };
|
||||
dontaudit systemui_app radio_service:service_manager { find };
|
||||
dontaudit systemui_app vr_manager_service:service_manager { find };
|
||||
dontaudit systemui_app service_manager_type:service_manager *;
|
||||
# b/269813282
|
||||
dontaudit systemui_app bootanim_system_prop:property_service { set };
|
||||
dontaudit systemui_app init:unix_stream_socket { connectto };
|
||||
dontaudit systemui_app property_socket:sock_file { write };
|
||||
dontaudit systemui_app qemu_hw_prop:file { read };
|
||||
11
vendor/systemui_app.te
vendored
11
vendor/systemui_app.te
vendored
|
|
@ -1,16 +1,7 @@
|
|||
type systemui_app, domain, coredomain;
|
||||
type systemui_app, domain;
|
||||
app_domain(systemui_app)
|
||||
allow systemui_app app_api_service:service_manager find;
|
||||
|
||||
get_prop(systemui_app, keyguard_config_prop)
|
||||
set_prop(systemui_app, bootanim_system_prop)
|
||||
|
||||
allow systemui_app hal_googlebattery_service:service_manager find;
|
||||
binder_call(systemui_app, hal_googlebattery)
|
||||
|
||||
allow systemui_app touch_context_service:service_manager find;
|
||||
binder_call(systemui_app, twoshay)
|
||||
|
||||
# WLC
|
||||
allow systemui_app hal_wireless_charger_service:service_manager find;
|
||||
binder_call(systemui_app, hal_wireless_charger)
|
||||
Loading…
Add table
Add a link
Reference in a new issue