psmattas/device_oneplus_sm7250-common
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sdm845-common: Fix neverallows

Browse Source 
Change-Id: I9a73f72b9c5c01afbaf6c2f960c7e25ca923d90c
This commit is contained in:
Luca Stefani
2019-02-03 11:54:04 +01:00
parent 983f553701
commit eaa9bbce92
5 changed files with 23 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
sepolicy/private/hal_light_sdm845.te
View File

@@ -1,7 +1,20 @@
type hal_light_sdm845, coredomain, domain;
hal_server_domain(hal_light_sdm845, hal_light)
# Allow a base set of permissions required for a domain to offer a
# HAL implementation of the specified type over HwBinder.
typeattribute hal_light_sdm845 halserverdomain;
typeattribute hal_light_sdm845 hal_light_server;
# HwBinder IPC from client to server, and callbacks
binder_call(hal_light_client, hal_light_server)
binder_call(hal_light_server, hal_light_client)
add_hwservice(hal_light_server, hal_light_hwservice)
allow hal_light_client hal_light_hwservice:hwservice_manager find;
type hal_light_sdm845_exec, exec_type, file_type;
init_daemon_domain(hal_light_sdm845)
allow hal_light_sdm845 sysfs_oem:file rw_file_perms;
allow hal_light_sdm845 { sysfs_graphics sysfs_oem }:lnk_file read;
allow hal_light_sdm845 { sysfs_graphics sysfs_oem }:file rw_file_perms;
allow hal_light_sdm845 { sysfs_graphics sysfs_leds sysfs_oem }:dir r_dir_perms;