diff options
| author | Xin Li <delphij@google.com> | 2022-04-01 20:32:38 +0000 |
|---|---|---|
| committer | Xin Li <delphij@google.com> | 2022-04-01 20:32:38 +0000 |
| commit | 8221ad4a338555525a21a4e4c3446c40f5d75084 (patch) | |
| tree | 95ad4639d9c095417f1f6519e9f05a176e872777 | |
| parent | c7e55fdd6c3f8711e70aa0f78ef84b840d923b43 (diff) | |
| parent | 8fe21a708b2c8cca3d77d5f67c1df0fa83099b72 (diff) | |
| download | pixel-sepolicy-8221ad4a338555525a21a4e4c3446c40f5d75084.tar.gz | |
Merge Android 12 QPR3 ab/8391262
Bug: 226662282
Merged-In: I47d181fa7e29d0d7fbb81abb8c5e76d2ebd78a1a
Change-Id: I7364fad2bc62bc18c64b72fbb285f5722af23e4e
5 files changed, 34 insertions, 0 deletions
diff --git a/fingerprint-extension/system_ext/private/file_contexts b/fingerprint-extension/system_ext/private/file_contexts new file mode 100644 index 0000000..e66f969 --- /dev/null +++ b/fingerprint-extension/system_ext/private/file_contexts @@ -0,0 +1 @@ +/system_ext/bin/fingerprint\.extension\.sh u:object_r:init-fingerprint-extension_exec:s0 diff --git a/fingerprint-extension/system_ext/private/init-fingerprint-extension.te b/fingerprint-extension/system_ext/private/init-fingerprint-extension.te new file mode 100644 index 0000000..86730fe --- /dev/null +++ b/fingerprint-extension/system_ext/private/init-fingerprint-extension.te @@ -0,0 +1,17 @@ +type init-fingerprint-extension, domain, coredomain; +type init-fingerprint-extension_exec, exec_type, system_file_type, file_type; + +userdebug_or_eng(` + init_daemon_domain(init-fingerprint-extension) + + allow init-fingerprint-extension shell_exec:file rx_file_perms; + allow init-fingerprint-extension system_file:file execute_no_trans; + allow init-fingerprint-extension toolbox_exec:file {execute read open execute_no_trans map getattr}; + allow init-fingerprint-extension activity_service:service_manager find; + binder_call(init-fingerprint-extension, servicemanager) + binder_call(init-fingerprint-extension, system_server) + binder_call(system_server, init-fingerprint-extension) + + set_prop(init-fingerprint-extension, pixel_fingerprint_prop) + get_prop(init-fingerprint-extension, pixel_fingerprint_prop) +') diff --git a/fingerprint-extension/system_ext/private/property_contexts b/fingerprint-extension/system_ext/private/property_contexts new file mode 100644 index 0000000..f171122 --- /dev/null +++ b/fingerprint-extension/system_ext/private/property_contexts @@ -0,0 +1,11 @@ +# Latency +ctl.start$fingerprint-extension-bug-latency u:object_r:pixel_fingerprint_prop:s0 +ctl.stop$fingerprint-extension-bug-latency u:object_r:pixel_fingerprint_prop:s0 + +# Lockout +ctl.start$fingerprint-extension-bug-lockout u:object_r:pixel_fingerprint_prop:s0 +ctl.stop$fingerprint-extension-bug-lockout u:object_r:pixel_fingerprint_prop:s0 + +# Authentication +ctl.start$fingerprint-extension-bug-auth u:object_r:pixel_fingerprint_prop:s0 +ctl.stop$fingerprint-extension-bug-auth u:object_r:pixel_fingerprint_prop:s0 diff --git a/fingerprint-extension/system_ext/public/property.te b/fingerprint-extension/system_ext/public/property.te new file mode 100644 index 0000000..f0e2dd9 --- /dev/null +++ b/fingerprint-extension/system_ext/public/property.te @@ -0,0 +1 @@ +system_public_prop(pixel_fingerprint_prop) diff --git a/fingerprint-extension/vendor/hal_fingerprint_default.te b/fingerprint-extension/vendor/hal_fingerprint_default.te new file mode 100644 index 0000000..c1d5e4d --- /dev/null +++ b/fingerprint-extension/vendor/hal_fingerprint_default.te @@ -0,0 +1,4 @@ +userdebug_or_eng(` + set_prop(hal_fingerprint_default, pixel_fingerprint_prop) +') + |