restart domain
Bug: 254378739 Test: boot to home Change-Id: I63a3e22ccbee16dd3f186e76fa698d2e7454c057
This commit is contained in:
Adam Shih
parent
226ad03850
commit
be714f6fa3
10 changed files with 14 additions and 53 deletions
|
|
@ -17,7 +17,6 @@
|
|||
/vendor/bin/hw/android\.hardware\.biometrics\.fingerprint-service\.goodix u:object_r:hal_fingerprint_default_exec:s0
|
||||
/vendor/bin/hw/android\.hardware\.nfc-service\.st u:object_r:hal_nfc_default_exec:s0
|
||||
/vendor/bin/hw/vendor\.google\.wireless_charger@1\.3-service-vendor u:object_r:hal_wlc_exec:s0
|
||||
/vendor/bin/hw/android\.hardware\.qorvo\.uwb\.service u:object_r:hal_uwb_vendor_default_exec:s0
|
||||
/vendor/bin/rlsservice u:object_r:rlsservice_exec:s0
|
||||
|
||||
# Vendor Firmwares
|
||||
|
|
|
|||
|
|
@ -1,15 +0,0 @@
|
|||
type google_camera_app, domain, coredomain;
|
||||
app_domain(google_camera_app)
|
||||
|
||||
allow google_camera_app app_api_service:service_manager find;
|
||||
allow google_camera_app audioserver_service:service_manager find;
|
||||
allow google_camera_app cameraserver_service:service_manager find;
|
||||
allow google_camera_app mediaextractor_service:service_manager find;
|
||||
allow google_camera_app mediametrics_service:service_manager find;
|
||||
allow google_camera_app mediaserver_service:service_manager find;
|
||||
|
||||
# Allows camera app to access the GXP device.
|
||||
allow google_camera_app gxp_device:chr_file rw_file_perms;
|
||||
|
||||
# Allows camera app to search for GXP firmware file.
|
||||
allow google_camera_app vendor_fw_file:dir search;
|
||||
|
|
@ -1,16 +0,0 @@
|
|||
# HwBinder IPC from client to server
|
||||
binder_call(hal_uwb_vendor_client, hal_uwb_vendor_server)
|
||||
binder_call(hal_uwb_vendor_server, hal_uwb_vendor_client)
|
||||
|
||||
hal_attribute_service(hal_uwb_vendor, hal_uwb_vendor_service)
|
||||
|
||||
binder_call(hal_uwb_vendor_server, servicemanager)
|
||||
|
||||
# allow hal_uwb_vendor to set wpan interfaces up and down
|
||||
allow hal_uwb_vendor self:udp_socket create_socket_perms;
|
||||
allowxperm hal_uwb_vendor self:udp_socket ioctl { SIOCSIFFLAGS SIOCSIFHWADDR SIOCETHTOOL };
|
||||
# TODO(b/190461440): Find a long term solution for this.
|
||||
allow hal_uwb_vendor self:global_capability_class_set { net_admin };
|
||||
|
||||
# allow hal_uwb_vendor to speak to nl802154 in the kernel
|
||||
allow hal_uwb_vendor self:netlink_generic_socket create_socket_perms_no_ioctl;
|
||||
|
|
@ -1,14 +0,0 @@
|
|||
type hal_uwb_vendor_default, domain;
|
||||
type hal_uwb_vendor_default_exec, vendor_file_type, exec_type, file_type;
|
||||
init_daemon_domain(hal_uwb_vendor_default)
|
||||
|
||||
hal_server_domain(hal_uwb_vendor_default, hal_uwb)
|
||||
add_service(hal_uwb_vendor_default, hal_uwb_vendor_service)
|
||||
|
||||
hal_server_domain(hal_uwb_vendor_default, hal_uwb_vendor)
|
||||
binder_call(hal_uwb_vendor_default, uwb_vendor_app)
|
||||
|
||||
allow hal_uwb_vendor_default uwb_data_vendor:dir create_dir_perms;
|
||||
allow hal_uwb_vendor_default uwb_data_vendor:file create_file_perms;
|
||||
|
||||
get_prop(hal_uwb_vendor_default, vendor_uwb_calibration_prop)
|
||||
|
|
@ -8,7 +8,3 @@ user=_app seinfo=platform name=com.android.hbmsvmanager domain=hbmsvmanager_app
|
|||
# TODO(b/222204912): Should this run under uwb user?
|
||||
user=_app isPrivApp=true seinfo=uwb name=com.qorvo.uwb.vendorservice domain=uwb_vendor_app type=uwb_vendor_data_file levelFrom=all
|
||||
|
||||
# Google Camera
|
||||
user=_app isPrivApp=true seinfo=google name=com.google.android.GoogleCamera domain=google_camera_app type=app_data_file levelFrom=all
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -26,4 +26,7 @@ userdebug_or_eng(`
|
|||
permissive hal_usb_gadget_impl;
|
||||
permissive hal_usb_impl;
|
||||
permissive hal_camera_default;
|
||||
permissive hal_uwb_vendor_default;
|
||||
permissive google_camera_app;
|
||||
permissive hal_uwb_vendor;
|
||||
')
|
||||
|
|
|
|||
1
vendor/file_contexts
vendored
1
vendor/file_contexts
vendored
|
|
@ -8,6 +8,7 @@
|
|||
/vendor/bin/hw/android\.hardware\.usb-service u:object_r:hal_usb_impl_exec:s0
|
||||
/vendor/bin/hw/android\.hardware\.usb\.gadget-service u:object_r:hal_usb_gadget_impl_exec:s0
|
||||
/vendor/bin/hw/android\.hardware\.secure_element@1\.2-uicc-service u:object_r:hal_secure_element_uicc_exec:s0
|
||||
/vendor/bin/hw/android\.hardware\.qorvo\.uwb\.service u:object_r:hal_uwb_vendor_default_exec:s0
|
||||
|
||||
# Vendor Firmwares
|
||||
/vendor/firmware(/.*)? u:object_r:vendor_fw_file:s0
|
||||
|
|
|
|||
6
vendor/google_camera_app.te
vendored
6
vendor/google_camera_app.te
vendored
|
|
@ -1,3 +1,3 @@
|
|||
# Allows GCA to find and access the EdgeTPU.
|
||||
allow google_camera_app edgetpu_app_service:service_manager find;
|
||||
allow google_camera_app edgetpu_device:chr_file { getattr read write ioctl map };
|
||||
type google_camera_app, domain, coredomain;
|
||||
app_domain(google_camera_app)
|
||||
|
||||
|
|
|
|||
4
vendor/hal_uwb_vendor_default.te
vendored
Normal file
4
vendor/hal_uwb_vendor_default.te
vendored
Normal file
|
|
@ -0,0 +1,4 @@
|
|||
type hal_uwb_vendor_default, domain;
|
||||
type hal_uwb_vendor_default_exec, vendor_file_type, exec_type, file_type;
|
||||
init_daemon_domain(hal_uwb_vendor_default)
|
||||
|
||||
3
vendor/seapp_contexts
vendored
3
vendor/seapp_contexts
vendored
|
|
@ -7,5 +7,8 @@ user=_app isPrivApp=true seinfo=platform name=com.thales.device.ofl.app.basicag
|
|||
# Domain for connectivity monitor
|
||||
user=_app isPrivApp=true seinfo=platform name=com.google.android.connectivitymonitor domain=con_monitor_app type=app_data_file levelFrom=all
|
||||
|
||||
# Google Camera
|
||||
user=_app isPrivApp=true seinfo=google name=com.google.android.GoogleCamera domain=google_camera_app type=app_data_file levelFrom=all
|
||||
|
||||
# CccDkTimeSyncService
|
||||
user=_app isPrivApp=true name=com.google.pixel.digitalkey.timesync domain=vendor_cccdktimesync_app type=app_data_file levelFrom=all
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue