84aa699ac8
This commit makes following changes: - Add selinux policies for GCA-Eng & GCA-Next to access GXP device & edgetpu services. - Refactor code to push policies for Google Camera app from legacy/whitechapel_pro/* to vendor/* Tested: - flashed both GCA-Eng & GCA-Next apps and observed no crashes due to gxp or edgetpu. - scontext changed from "untrusted_app_32" to "debug_camera_app" in both cases. Bug: 264490031 Change-Id: I51f69168eebd6c7e54e512b7abde8dd6bbe7c443 Signed-off-by: Dinesh Yadav <dkyadav@google.com>
38 lines
2.1 KiB
Text
38 lines
2.1 KiB
Text
# Domain for EuiccSupportPixel
|
|
user=_app isPrivApp=true seinfo=EuiccSupportPixel name=com.google.euiccpixel domain=euiccpixel_app type=app_data_file levelFrom=all
|
|
|
|
# coredump/ramdump
|
|
user=_app seinfo=platform name=com.android.ramdump domain=ramdump_app type=app_data_file levelFrom=all
|
|
|
|
# Domain for OFLBasicAgentApp to support NFC/eSIM fw upgrade
|
|
user=_app isPrivApp=true seinfo=platform name=com.thales.device.ofl.app.omapi_agent domain=ofl_app type=app_data_file levelFrom=user
|
|
|
|
# Domain for connectivity monitor
|
|
user=_app isPrivApp=true seinfo=platform name=com.google.android.connectivitymonitor domain=con_monitor_app type=app_data_file levelFrom=all
|
|
|
|
# PixelDisplayService
|
|
user=_app seinfo=platform name=com.android.pixeldisplayservice domain=pixeldisplayservice_app type=app_data_file levelFrom=all
|
|
|
|
# Google Camera
|
|
user=_app isPrivApp=true seinfo=google name=com.google.android.GoogleCamera domain=google_camera_app type=app_data_file levelFrom=all
|
|
|
|
# Google Camera Eng
|
|
user=_app seinfo=CameraEng name=com.google.android.GoogleCameraEng domain=debug_camera_app type=app_data_file levelFrom=all
|
|
|
|
# Also allow GoogleCameraNext, the fishfood version, the same access as GoogleCamera
|
|
user=_app seinfo=CameraFishfood name=com.google.android.apps.googlecamera.fishfood domain=google_camera_app type=app_data_file levelFrom=all
|
|
|
|
# Also label GoogleCameraNext, built with debug keys as debug_camera_app.
|
|
user=_app seinfo=CameraEng name=com.google.android.apps.googlecamera.fishfood domain=debug_camera_app type=app_data_file levelFrom=all
|
|
|
|
# Qorvo UWB system app
|
|
# TODO(b/222204912): Should this run under uwb user?
|
|
user=_app isPrivApp=true seinfo=uwb name=com.qorvo.uwb.vendorservice domain=uwb_vendor_app type=uwb_vendor_data_file levelFrom=all
|
|
|
|
# CccDkTimeSyncService
|
|
user=_app isPrivApp=true name=com.google.pixel.digitalkey.timesync domain=vendor_cccdktimesync_app type=app_data_file levelFrom=all
|
|
|
|
# SystemUI
|
|
user=_app seinfo=platform name=com.android.systemui domain=systemui_app type=app_data_file levelFrom=all
|
|
user=_app seinfo=platform name=com.android.systemui:* domain=systemui_app type=app_data_file levelFrom=all
|
|
|