Add sepolicy rules

1. com.qualcomm.qti.telephonyservice { read } for comm="elephonyservice" name="u:object_r:vendor_radio_prop:s0" dev="tmpfs" ino=25322 scontext=u:r:platform_app:s0:c512, c768 tcontext=u:object_r:vendor_radio_prop:s0 tclass=file permissive=0 app=com.qualcomm.qti.telephonyservice Ref: qcom/lito/device/qcom/sepolicy/+/2824781c (CRs-Fixed: 2809413) 2. vendor.qti.hardware.radio.ims.IImsRadio/default avc: denied { find } for pid=2718 uid=10252 name=vendor.qti.hardware.radio.ims.IImsRadio/default scontext=u:r:qtelephony:s0:c252,c256,c512,c768 tcontext=u:object_r:default_android_service:s0 tclass=service_manager permissive=0 Bug: 185560630 Bug: 185954927 Change-Id: Ibe935872b7a35ccdc8c2eb8eaea942ec91527abf
author: ChihYao Chien <ccchien@google.com> 2021-05-06 15:53:17 +0800
committer: ChihYao Chien <ccchien@google.com> 2021-05-07 09:41:07 +0800
commit: 6694d21d5982d5b851d5538194a3a0369e92a820 (patch)
tree: 80fcba50d0aaf9e4d878c21bb7e8c905cd8caa24
parent: 6f373b934e5c73e7c0dd3ee956262680be3ff3a7 (diff)
download: sunfish-sepolicy-6694d21d5982d5b851d5538194a3a0369e92a820.tar.gz
4 files changed, 6 insertions, 0 deletions
diff --git a/vendor/qcom/common/qtelephony.te b/vendor/qcom/common/qtelephony.te
index 315b1a2..29ce45f 100644
--- a/vendor/qcom/common/qtelephony.te
+++ b/vendor/qcom/common/qtelephony.te
@@ -7,6 +7,7 @@ add_hwservice(qtelephony, vnd_atcmdfwd_hwservice)
 allow qtelephony app_api_service:service_manager find;
 
 allow qtelephony hal_imsrtp_hwservice:hwservice_manager find;
+allow qtelephony hal_telephony_service:service_manager find;
 allow qtelephony radio_service:service_manager find;
 allow qtelephony sysfs_diag:dir search;
 allow qtelephony sysfs_timestamp_switch:file r_file_perms;
diff --git a/vendor/qcom/common/seapp_contexts b/vendor/qcom/common/seapp_contexts
index c34496a..51fdd3d 100644
--- a/vendor/qcom/common/seapp_contexts
+++ b/vendor/qcom/common/seapp_contexts
@@ -29,3 +29,6 @@ user=_app seinfo=platform name=org.codeaurora.ims isPrivApp=true domain=qtelepho
 
 #Add DeviceInfoHidlClient to vendor_qtelephony
 user=_app seinfo=platform name=com.qualcomm.qti.devicestatisticsservice domain=qtelephony type=app_data_file levelFrom=all
+
+# QtiTelephonyService app
+user=_app seinfo=platform name=com.qualcomm.qti.telephonyservice domain=qtelephony type=app_data_file levelFrom=all
diff --git a/vendor/qcom/common/service.te b/vendor/qcom/common/service.te
index c2ea2f6..c3aa9f1 100644
--- a/vendor/qcom/common/service.te
+++ b/vendor/qcom/common/service.te
@@ -4,3 +4,4 @@ type imsrcs_service,              service_manager_type;
 type improve_touch_service,       service_manager_type;
 type gba_auth_service,            service_manager_type;
 type qtitetherservice_service,    service_manager_type;
+type hal_telephony_service, service_manager_type, vendor_service;
diff --git a/vendor/qcom/common/service_contexts b/vendor/qcom/common/service_contexts
new file mode 100644
index 0000000..405f768
--- /dev/null
+++ b/vendor/qcom/common/service_contexts
@@ -0,0 +1 @@
+vendor.qti.hardware.radio.ims.IImsRadio/default        u:object_r:hal_telephony_service:s0
author	ChihYao Chien <ccchien@google.com>	2021-05-06 15:53:17 +0800
committer	ChihYao Chien <ccchien@google.com>	2021-05-07 09:41:07 +0800
commit	6694d21d5982d5b851d5538194a3a0369e92a820 (patch)
tree	80fcba50d0aaf9e4d878c21bb7e8c905cd8caa24
parent	6f373b934e5c73e7c0dd3ee956262680be3ff3a7 (diff)
download	sunfish-sepolicy-6694d21d5982d5b851d5538194a3a0369e92a820.tar.gz