diff options
author | Chungjui Fan <chungjuifan@google.com> | 2020-06-05 10:25:12 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2020-06-05 10:25:12 +0000 |
commit | 9be182c04b4dc0ff9e66957e13d418f690ebce91 (patch) | |
tree | 3039a1106c48a894ffd6491b9e5cb3c0925fb4a8 | |
parent | 9c8ac2257b4ab184603cb23de2f06841af6acdea (diff) | |
parent | c8c8d6bb4a2cd725bc4cebf95031094996cdaed3 (diff) | |
download | sunfish-sepolicy-9be182c04b4dc0ff9e66957e13d418f690ebce91.tar.gz |
Add sepolicy to Combine oemlock, authsecret HALs into weaver am: c8c8d6bb4a
Original change: https://googleplex-android-review.googlesource.com/c/device/google/sunfish-sepolicy/+/11723869
Change-Id: I5308cfe0028070f9e557bd1fd7d11cbbb7335c5f
-rw-r--r-- | vendor/google/file_contexts | 2 | ||||
-rw-r--r-- | vendor/google/hal_authsecret_citadel.te | 9 | ||||
-rw-r--r-- | vendor/google/hal_oemlock_citadel.te | 9 | ||||
-rw-r--r-- | vendor/google/hal_weaver_citadel.te | 2 |
4 files changed, 2 insertions, 20 deletions
diff --git a/vendor/google/file_contexts b/vendor/google/file_contexts index c6ad150..9dec45d 100644 --- a/vendor/google/file_contexts +++ b/vendor/google/file_contexts @@ -18,14 +18,12 @@ # vendor binaries /vendor/bin/hw/android\.hardware\.atrace@1\.0-service.pixel u:object_r:hal_atrace_default_exec:s0 -/vendor/bin/hw/android\.hardware\.authsecret@1\.0-service\.citadel u:object_r:hal_authsecret_citadel_exec:s0 /vendor/bin/hw/android\.hardware\.camera\.provider@2\.6-service-google u:object_r:hal_camera_default_exec:s0 /vendor/bin/hw/android\.hardware\.contexthub@1\.1-service\.generic u:object_r:hal_contexthub_default_exec:s0 /vendor/bin/hw/android\.hardware\.dumpstate@1\.1-service\.sunfish u:object_r:hal_dumpstate_impl_exec:s0 /vendor/bin/hw/android\.hardware\.keymaster@4\.1-service\.citadel u:object_r:hal_keymaster_citadel_exec:s0 /vendor/bin/hw/android\.hardware\.neuralnetworks@1\.0-service-paintbox u:object_r:hal_neuralnetworks_paintbox_exec:s0 /vendor/bin/hw/android\.hardware\.neuralnetworks@1\.2-service-noronha u:object_r:hal_neuralnetworks_darwinn_exec:s0 -/vendor/bin/hw/android\.hardware\.oemlock@1\.0-service\.citadel u:object_r:hal_oemlock_citadel_exec:s0 /vendor/bin/hw/android\.hardware\.power\.stats@1\.0-service\.pixel u:object_r:hal_power_stats_default_exec:s0 /vendor/bin/hw/android\.hardware\.usb@1\.2-service\.sunfish u:object_r:hal_usb_impl_exec:s0 /vendor/bin/hw/android\.hardware\.vibrator@1\.3-service\.sunfish u:object_r:hal_vibrator_default_exec:s0 diff --git a/vendor/google/hal_authsecret_citadel.te b/vendor/google/hal_authsecret_citadel.te deleted file mode 100644 index 029d957..0000000 --- a/vendor/google/hal_authsecret_citadel.te +++ /dev/null @@ -1,9 +0,0 @@ -type hal_authsecret_citadel, domain; -type hal_authsecret_citadel_exec, exec_type, vendor_file_type, file_type; - -vndbinder_use(hal_authsecret_citadel) -binder_call(hal_authsecret_citadel, citadeld) -allow hal_authsecret_citadel citadeld_service:service_manager find; - -hal_server_domain(hal_authsecret_citadel, hal_authsecret) -init_daemon_domain(hal_authsecret_citadel) diff --git a/vendor/google/hal_oemlock_citadel.te b/vendor/google/hal_oemlock_citadel.te deleted file mode 100644 index d3ff719..0000000 --- a/vendor/google/hal_oemlock_citadel.te +++ /dev/null @@ -1,9 +0,0 @@ -type hal_oemlock_citadel, domain; -type hal_oemlock_citadel_exec, exec_type, vendor_file_type, file_type; - -vndbinder_use(hal_oemlock_citadel) -binder_call(hal_oemlock_citadel, citadeld) -allow hal_oemlock_citadel citadeld_service:service_manager find; - -hal_server_domain(hal_oemlock_citadel, hal_oemlock) -init_daemon_domain(hal_oemlock_citadel) diff --git a/vendor/google/hal_weaver_citadel.te b/vendor/google/hal_weaver_citadel.te index 0ec0340..40a0e14 100644 --- a/vendor/google/hal_weaver_citadel.te +++ b/vendor/google/hal_weaver_citadel.te @@ -7,3 +7,5 @@ binder_call(hal_weaver_citadel, citadeld) allow hal_weaver_citadel citadeld_service:service_manager find; hal_server_domain(hal_weaver_citadel, hal_weaver) +hal_server_domain(hal_weaver_citadel, hal_oemlock) +hal_server_domain(hal_weaver_citadel, hal_authsecret) |