diff options
author | Badhri Jagan Sridharan <badhri@google.com> | 2022-01-31 22:08:26 -0800 |
---|---|---|
committer | Badhri Jagan Sridharan <badhri@google.com> | 2022-05-09 21:04:03 -0700 |
commit | 4cdd25b85a5c2e6d31dfbb872e0506f0b440751f (patch) | |
tree | 0fee2f848fe210bf3ba0a511f6d6150bfd45fe03 /vendor | |
parent | b99951ceb737e640110324e6899c485d9a3a4401 (diff) | |
download | redfin-sepolicy-4cdd25b85a5c2e6d31dfbb872e0506f0b440751f.tar.gz |
android.hardware.usb.IUsb AIDL migrationandroid13-dev
android.hardware.usb.IUsb is migrated to AIDL and runs in
its own process. android.hardware.usb.gadget.IUsbGadget
is now published in its own exclusive process
(android.hardware.usb.gadget-service). Creating
file_context and moving the selinux linux rules
for IUsbGadget implementation.
Bug: 200993386
Change-Id: I2e359e29716af5515c60ea57b554103579ca5570
Diffstat (limited to 'vendor')
-rw-r--r-- | vendor/google/file_contexts | 3 | ||||
-rw-r--r-- | vendor/google/hal_usb_gadget_impl.te | 14 |
2 files changed, 16 insertions, 1 deletions
diff --git a/vendor/google/file_contexts b/vendor/google/file_contexts index 97263fe..cd5a515 100644 --- a/vendor/google/file_contexts +++ b/vendor/google/file_contexts @@ -1,4 +1,5 @@ # vendor binaries -/vendor/bin/hw/android\.hardware\.usb@1\.3-service\.redfin u:object_r:hal_usb_impl_exec:s0 +/vendor/bin/hw/android\.hardware\.usb-service\.redfin u:object_r:hal_usb_impl_exec:s0 +/vendor/bin/hw/android\.hardware\.usb\.gadget-service\.redfin u:object_r:hal_usb_gadget_impl_exec:s0 /vendor/bin/hw/android\.hardware\.vibrator-service\.redfin u:object_r:hal_vibrator_default_exec:s0 /vendor/bin/hw/android\.hardware\.dumpstate@1\.1-service\.redfin u:object_r:hal_dumpstate_impl_exec:s0 diff --git a/vendor/google/hal_usb_gadget_impl.te b/vendor/google/hal_usb_gadget_impl.te new file mode 100644 index 0000000..ddd90c2 --- /dev/null +++ b/vendor/google/hal_usb_gadget_impl.te @@ -0,0 +1,14 @@ +type hal_usb_gadget_impl, domain; +hal_server_domain(hal_usb_gadget_impl, hal_usb) +hal_server_domain(hal_usb_gadget_impl, hal_usb_gadget) + +type hal_usb_gadget_impl_exec, vendor_file_type, exec_type, file_type; +init_daemon_domain(hal_usb_gadget_impl) + +allow hal_usb_gadget_impl configfs:dir { create rmdir }; +allow hal_usb_gadget_impl functionfs:dir { watch watch_reads }; +set_prop(hal_usb_gadget_impl, vendor_usb_prop) + +allow hal_usb_gadget_impl sysfs_batteryinfo:dir r_dir_perms; +allow hal_usb_gadget_impl sysfs_batteryinfo:file rw_file_perms; +allow hal_usb_gadget_impl sysfs_extcon:dir search; |