pa-fazil
/
android_vendor_aospa
mirror of https://github.com/fazilsheik96/android_vendor_aospa.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

pa: sepolicy: Add rules for FOD. 

Change-Id: I067ead0c2f60493a974bc220b67d7039acea4823
This commit is contained in:
LuK1337 2019-06-26 16:20:51 +02:00 committed by Alexander Koskovich
parent b882f9d5bd
commit d1d045c2bb
8 changed files with 31 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
config/BoardConfigPA.mk
View File

@ -1,14 +1,17 @@
# Kernel
include vendor/pa/config/BoardConfigKernel.mk
# SEPolicy
BOARD_PLAT_PRIVATE_SEPOLICY_DIR += \
vendor/pa/sepolicy/private
# QCOM flags
ifeq ($(call is-vendor-board-platform,QCOM),true)
include vendor/pa/config/BoardConfigQcom.mk
endif
# SEPolicy
BOARD_PLAT_PRIVATE_SEPOLICY_DIR += \
vendor/pa/sepolicy/private
BOARD_PLAT_PUBLIC_SEPOLICY_DIR += \
vendor/pa/sepolicy/public
# Soong
include vendor/pa/config/BoardConfigSoong.mk

2
sepolicy/private/file_contexts Normal file
View File

@ -0,0 +1,2 @@
# FOD
/(system|system_ext|system/system_ext)/bin/hw/vendor.aospa.biometrics.fingerprint.inscreen@1.0-service u:object_r:vendor_fod_aospa_exec:s0

2
sepolicy/private/hwservice_contexts Normal file
View File

@ -0,0 +1,2 @@
# FOD
vendor.aospa.biometrics.fingerprint.inscreen::IFingerprintInscreen u:object_r:vendor_fod_hwservice:s0

2
sepolicy/private/platform_app.te Normal file
View File

@ -0,0 +1,2 @@
# Allow FOD HAL service to be found.
hal_client_domain(platform_app, vendor_fod)

2
sepolicy/private/system_server.te Normal file
View File

@ -0,0 +1,2 @@
# FOD
hal_client_domain(system_server, vendor_fod)

12
sepolicy/private/vendor_fod_aospa.te Normal file
View File

@ -0,0 +1,12 @@
type vendor_fod_aospa, domain, coredomain;
type vendor_fod_aospa_exec, system_file_type, exec_type, file_type;
hal_server_domain(vendor_fod_aospa,vendor_fod);
hal_attribute_hwservice(vendor_fod, vendor_fod_hwservice);
# Allow for transition from init domain to FOD.
init_daemon_domain(vendor_fod_aospa);
# Allow binder communication with platform applications & servicemanager.
binder_call(vendor_fod_aospa, platform_app)
binder_use(vendor_fod_aospa)

3
sepolicy/public/attributes Normal file
View File

@ -0,0 +1,3 @@
attribute vendor_fod;
attribute vendor_fod_server;
attribute vendor_fod_client;

1
sepolicy/public/hwservice.te Normal file
View File

@ -0,0 +1 @@
type vendor_fod_hwservice, hwservice_manager_type, protected_hwservice;