diff options
| author | android-build-team Robot <android-build-team-robot@google.com> | 2020-11-03 18:16:32 +0000 |
|---|---|---|
| committer | android-build-team Robot <android-build-team-robot@google.com> | 2020-11-03 18:16:32 +0000 |
| commit | 455fa7e21ee5720aef5cbee92a12c5310ca24bc9 (patch) | |
| tree | 95c8e755a00ce6b4458ea459f9637165b20ef276 | |
| parent | 59c60f3aff6465b5ab8b39618267b867fc98a7a0 (diff) | |
| parent | 74391307d6e0dc3deabb25eea1c2192d246e4eac (diff) | |
| download | pixel-sepolicy-455fa7e21ee5720aef5cbee92a12c5310ca24bc9.tar.gz | |
Snap for 6948038 from 74391307d6e0dc3deabb25eea1c2192d246e4eac to rvc-platform-releaseandroid-platform-11.0.0_r4android-platform-11.0.0_r3
Change-Id: I9e6fef14e0f7808eaaa6f3424cf476a4e59ab7fc
| -rw-r--r-- | common/init-insmod-sh.te | 4 | ||||
| -rw-r--r-- | googlebattery/file_contexts | 1 | ||||
| -rw-r--r-- | googlebattery/hal_googlebattery.te | 13 | ||||
| -rw-r--r-- | googlebattery/hwservice.te | 1 | ||||
| -rw-r--r-- | googlebattery/hwservice_contexts | 1 | ||||
| -rw-r--r-- | googlebattery/platform_app.te | 3 | ||||
| -rw-r--r-- | googlebattery/system_app.te | 3 | ||||
| -rw-r--r-- | googlebattery/turbo_adapter.te | 3 | ||||
| -rw-r--r-- | mm/file.te | 1 | ||||
| -rw-r--r-- | mm/genfs_contexts | 1 | ||||
| -rw-r--r-- | thermal/hal_thermal_default.te | 2 |
11 files changed, 33 insertions, 0 deletions
diff --git a/common/init-insmod-sh.te b/common/init-insmod-sh.te index de1d408..16bc87c 100644 --- a/common/init-insmod-sh.te +++ b/common/init-insmod-sh.te @@ -8,6 +8,10 @@ allow init-insmod-sh self:capability sys_module; allow init-insmod-sh vendor_kernel_modules:system module_load; allow init-insmod-sh kernel:key search; +# modprobe needs sys_nice and setsched for driver threads +allow init-insmod-sh self:capability sys_nice; +allow init-insmod-sh kernel:process setsched; + # modprobe need proc_modules allow init-insmod-sh proc_modules:file r_file_perms; diff --git a/googlebattery/file_contexts b/googlebattery/file_contexts new file mode 100644 index 0000000..f4fc712 --- /dev/null +++ b/googlebattery/file_contexts @@ -0,0 +1 @@ +/vendor/bin/hw/vendor\.google\.google_battery@1\.0-service-vendor u:object_r:hal_googlebattery_exec:s0 diff --git a/googlebattery/hal_googlebattery.te b/googlebattery/hal_googlebattery.te new file mode 100644 index 0000000..6e6697b --- /dev/null +++ b/googlebattery/hal_googlebattery.te @@ -0,0 +1,13 @@ +type hal_googlebattery, domain; +type hal_googlebattery_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(hal_googlebattery) + +r_dir_file(hal_googlebattery, sysfs_batteryinfo) + +allow hal_googlebattery sysfs_batteryinfo:file rw_file_perms; +allow hal_googlebattery self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; + +hwbinder_use(hal_googlebattery) +add_hwservice(hal_googlebattery, hal_googlebattery_hwservice) +get_prop(hal_googlebattery, hwservicemanager_prop) diff --git a/googlebattery/hwservice.te b/googlebattery/hwservice.te new file mode 100644 index 0000000..40323ef --- /dev/null +++ b/googlebattery/hwservice.te @@ -0,0 +1 @@ +type hal_googlebattery_hwservice, hwservice_manager_type; diff --git a/googlebattery/hwservice_contexts b/googlebattery/hwservice_contexts new file mode 100644 index 0000000..40f1526 --- /dev/null +++ b/googlebattery/hwservice_contexts @@ -0,0 +1 @@ +vendor.google.google_battery::IGoogleBattery u:object_r:hal_googlebattery_hwservice:s0 diff --git a/googlebattery/platform_app.te b/googlebattery/platform_app.te new file mode 100644 index 0000000..0ee586f --- /dev/null +++ b/googlebattery/platform_app.te @@ -0,0 +1,3 @@ +# allow SystemUI to find and bind Google Battery HAL +allow platform_app hal_googlebattery_hwservice:hwservice_manager find; +binder_call(platform_app, hal_googlebattery) diff --git a/googlebattery/system_app.te b/googlebattery/system_app.te new file mode 100644 index 0000000..05723bf --- /dev/null +++ b/googlebattery/system_app.te @@ -0,0 +1,3 @@ +# To allow Settings to find and bind Google Battery HAL +allow system_app hal_googlebattery_hwservice:hwservice_manager find; +binder_call(system_app, hal_googlebattery) diff --git a/googlebattery/turbo_adapter.te b/googlebattery/turbo_adapter.te new file mode 100644 index 0000000..33f99cd --- /dev/null +++ b/googlebattery/turbo_adapter.te @@ -0,0 +1,3 @@ +# To find and bind Google Battery HAL +allow turbo_adapter hal_googlebattery_hwservice:hwservice_manager find; +binder_call(turbo_adapter, hal_googlebattery) @@ -1,2 +1,3 @@ type mm_logd_vendor_data_file, file_type, data_file_type; +type sysfs_fastrpc, sysfs_type, fs_type; diff --git a/mm/genfs_contexts b/mm/genfs_contexts new file mode 100644 index 0000000..6546455 --- /dev/null +++ b/mm/genfs_contexts @@ -0,0 +1 @@ +genfscon sysfs /kernel/fastrpc/total_dma_kb u:object_r:sysfs_fastrpc:s0 diff --git a/thermal/hal_thermal_default.te b/thermal/hal_thermal_default.te index 55073a9..846f07a 100644 --- a/thermal/hal_thermal_default.te +++ b/thermal/hal_thermal_default.te @@ -4,5 +4,7 @@ allow hal_thermal_default proc_stat:file r_file_perms; allow hal_thermal_default self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; +hal_client_domain(hal_thermal_default, hal_power); + # read thermal_config get_prop(hal_thermal_default, vendor_thermal_prop) |