authorDmitry Shmidt <dimitrysh@google.com>2018-07-16 12:53:21 -0700
committerDmitry Shmidt <dimitrysh@google.com>2018-07-16 12:53:21 -0700
commita8ef1fa69a2b38f6692a1caf0b31314ae041e062 (patch)
tree1e8170edfad87aa07f03fcfd3f08d1a3315cd56c /sepolicy/hiavplayer.te
parent211b23918fea15585a3be6059bc69cb230b58829 (diff)
poplar: Cumulative patch from commit 6d860e7
6d860e7 (origin/master, origin/HEAD) poplar: use vendor prebuilt wifi files 2de4ee5 wifi: add capabilities for wpa_supplicant 46ac944 poplar: create an optee folder for OP-TEE files 9411998 poplar: move hiavplayer.rc into vendor folder e19a218 poplar: rename rootfs to vendor fdb3113 BoardConfig.mk: add printk.devkmsg=on to BOARD_KERNEL_CMDLINE da84bb1 init.poplar.rc: setprop service.adb.tcp.port 5555 ad56c8a Revert "WIP: temporarily disable bluetooth" 28e4d5e bt: add ro.boot.btmacaddr property and chmod of rtkbt_dev 363a2e4 wifi: enable wifi HAL support 958edb7 wifi: remove use of rtl8822bu module fe5024d audio: add include of <unistd.h> to fix usleep warnings 6e36a97 device.mk: add Launcher2 package 4673aee WIP: temporarily disable bluetooth 8b6fdda poplar: remove obsolete self-extractors b8b039f poplar: switch from add_lunch_combo to COMMON_LUNCH_CHOICES acd1ef6 poplar: enable full treble support d6df05c audio: update Android.mk for treble support d9a9261 audio: include <log/log.h> instead of <cutils/log.h> 1f6821d device.mk: use TARGET_COPY_OUT_VENDOR for feature declarations 9b9a1a7 device.mk: clean up newlines and backslash 29db545 device.mk: build soundtrigger package for audio support 3d4498f device.mk: add ro.config.build.name property fdb44d6 manifest: update manifest file for treble support d0cc662 ueventd.poplar.rc: add hi_gfx2d device node back ccc635e sepolicy: sync up selinux policy with Hisilicon development 2c391e5 sepoilcy: remove 'x' attribute from .te files 44c53b7 fstab.poplar: remove system and vendor mount 6b21fe2 fstab.poplar: use by-name symlinks instead of by-num 1e3bd67 poplar: add bt/wifi files and configurations 93bf7a1 device.mk: move BT section close to Wifi Bug: 110793466 Test: Manual Change-Id: If7db092bbed239ea83287fcf294b7d70c53e04b5 Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Diffstat (limited to 'sepolicy/hiavplayer.te')
-rw-r--r--sepolicy/hiavplayer.te30
1 files changed, 30 insertions, 0 deletions
diff --git a/sepolicy/hiavplayer.te b/sepolicy/hiavplayer.te
new file mode 100644
index 0000000..d67d962
--- /dev/null
+++ b/sepolicy/hiavplayer.te
@@ -0,0 +1,30 @@
+# Rules for audio service.
+type hiavplayer, domain;
+type hiavplayer_exec, exec_type, vendor_file_type, file_type;
+
+init_daemon_domain(hiavplayer)
+
+vndbinder_use(hiavplayer)
+binder_call(hiavplayer, vndservicemanager)
+
+allow hiavplayer hiavplayer_service:service_manager { add };
+allow hiavplayer hal_audio_default:binder { transfer call };
+allow hiavplayer hal_audio_default:fd { use };
+allow hiavplayer hi_sys_device:chr_file { read write open ioctl };
+allow hiavplayer hi_vfmw_device:chr_file { open read write ioctl getattr};
+allow hiavplayer hi_userproc_device:chr_file { read write open ioctl };
+allow hiavplayer hi_log_device:chr_file { read write open getattr ioctl };
+allow hiavplayer hi_mem_device:chr_file { read write open ioctl };
+allow hiavplayer hi_module_device:chr_file { read write open ioctl };
+allow hiavplayer hi_stat_device:chr_file { read write open ioctl };
+allow hiavplayer hi_userproc_device:chr_file { read write open ioctl };
+allow hiavplayer hi_vdec_device:chr_file { read write open ioctl };
+allow hiavplayer hi_sync_device:chr_file { read write open ioctl };
+allow hiavplayer hi_ao_device:chr_file { read write open ioctl };
+allow hiavplayer hi_vo_device:chr_file { read write open ioctl };
+allow hiavplayer mmz_userdev_device:chr_file { read write open ioctl };
+allow hiavplayer hi_adec_device:chr_file { read write open ioctl };
+allow hiavplayer mediacodec:binder { call };
+
+# neverallow
+# binder_in_vendor_violators, vendor_executes_system_violators;
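Review bot: Every `chr_file` rule in this new file grants `ioctl` with no accompanying `allowxperm`, so hiavplayer may issue any command the hi_* and mmz_userdev drivers implement rather than only those the player uses; a per-device whitelist such as `allowxperm hiavplayer hi_vdec_device:chr_file ioctl { <IOCTL_CMDS_PLACEHOLDER> };` would bound that driver attack surface. The `read write` grant on `hi_mem_device` looks like the broadest of these and is worth confirming against what the node actually exposes, which the hunk does not show. The `hi_userproc_device` rule appears twice with identical permissions, and the second copy can be dropped. The header `# Rules for audio service.` and the trailing commented-out `# neverallow` lines do not say what this domain is for; a comment such as `# hiavplayer: vendor AV player daemon; talks to hal_audio_default and mediacodec over binder` would, once the author confirms the daemon's role.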