diff options
-rw-r--r-- | citadel/citadeld.te | 3 | ||||
-rw-r--r-- | citadel/property.te | 1 | ||||
-rw-r--r-- | citadel/property_contexts | 1 | ||||
-rw-r--r-- | common/vendor/te_macros | 1 | ||||
-rw-r--r-- | thermal/file.te | 2 | ||||
-rw-r--r-- | thermal/file_contexts | 6 | ||||
-rw-r--r-- | thermal/genfs_contexts | 3 | ||||
-rw-r--r-- | thermal/hal_thermal_default.te | 16 | ||||
-rw-r--r-- | thermal/init-thermal-logging.sh.te | 10 | ||||
-rw-r--r-- | thermal/init-thermal-symlinks.sh.te | 12 | ||||
-rw-r--r-- | thermal/pixel-thermal-control.sh.te | 13 | ||||
-rw-r--r-- | thermal/property.te | 2 | ||||
-rw-r--r-- | thermal/property_contexts | 1 | ||||
-rw-r--r-- | thermal/vendor_init.te | 3 |
14 files changed, 6 insertions, 68 deletions
diff --git a/citadel/citadeld.te b/citadel/citadeld.te index 9490258..959704b 100644 --- a/citadel/citadeld.te +++ b/citadel/citadeld.te @@ -18,3 +18,6 @@ allow citadeld fwk_stats_hwservice:hwservice_manager find; binder_call(citadeld, stats_service_server) allow citadeld fwk_stats_service:service_manager find; binder_use(citadeld) + +# Let citadeld set property +set_prop(citadeld, vendor_nos_citadel_version); diff --git a/citadel/property.te b/citadel/property.te new file mode 100644 index 0000000..2e1c4ec --- /dev/null +++ b/citadel/property.te @@ -0,0 +1 @@ +vendor_internal_prop(vendor_nos_citadel_version) diff --git a/citadel/property_contexts b/citadel/property_contexts new file mode 100644 index 0000000..835de17 --- /dev/null +++ b/citadel/property_contexts @@ -0,0 +1 @@ +vendor.nos.citadel.version u:object_r:vendor_nos_citadel_version:s0 diff --git a/common/vendor/te_macros b/common/vendor/te_macros index c9a9c04..99873fe 100644 --- a/common/vendor/te_macros +++ b/common/vendor/te_macros @@ -12,6 +12,7 @@ domain_auto_trans(hal_dumpstate_default, $1_exec, $1) allow $1 dumpstate:fd use; allow $1 dumpstate:fifo_file { write getattr }; allow $1 hal_dumpstate_default:fd use; +allow hal_dumpstate_default $1:process { sigkill signal }; allow $1 shell_data_file:file { write getattr }; ') diff --git a/thermal/file.te b/thermal/file.te deleted file mode 100644 index a2b1ab8..0000000 --- a/thermal/file.te +++ /dev/null @@ -1,2 +0,0 @@ -type thermal_link_device, dev_type; -type debugfs_thermal, debugfs_type, fs_type; diff --git a/thermal/file_contexts b/thermal/file_contexts deleted file mode 100644 index c3fb04f..0000000 --- a/thermal/file_contexts +++ /dev/null @@ -1,6 +0,0 @@ -/vendor/bin/hw/android\.hardware\.thermal@2\.0-service\.pixel u:object_r:hal_thermal_default_exec:s0 -/vendor/bin/hw/android\.hardware\.thermal-service\.pixel u:object_r:hal_thermal_default_exec:s0 -/vendor/bin/thermal_logd u:object_r:init-thermal-logging-sh_exec:s0 -/vendor/bin/thermal_controld u:object_r:pixel-thermal-control-sh_exec:s0 -/vendor/bin/thermal_symlinks u:object_r:init-thermal-symlinks-sh_exec:s0 -/dev/thermal(/.*)? u:object_r:thermal_link_device:s0 diff --git a/thermal/genfs_contexts b/thermal/genfs_contexts deleted file mode 100644 index 3000fa0..0000000 --- a/thermal/genfs_contexts +++ /dev/null @@ -1,3 +0,0 @@ -genfscon sysfs /devices/virtual/thermal u:object_r:sysfs_thermal:s0 -genfscon sysfs /class/thermal u:object_r:sysfs_thermal:s0 -genfscon debugfs /gs101-thermal u:object_r:debugfs_thermal:s0 diff --git a/thermal/hal_thermal_default.te b/thermal/hal_thermal_default.te deleted file mode 100644 index 45ccf3a..0000000 --- a/thermal/hal_thermal_default.te +++ /dev/null @@ -1,16 +0,0 @@ -allow hal_thermal_default sysfs_thermal:dir r_dir_perms; -allow hal_thermal_default sysfs_thermal:file rw_file_perms; -allow hal_thermal_default sysfs_thermal:lnk_file r_file_perms; -allow hal_thermal_default thermal_link_device:dir r_dir_perms; -allow hal_thermal_default proc_stat:file r_file_perms; -allow hal_thermal_default self:netlink_generic_socket create_socket_perms_no_ioctl; -allow hal_thermal_default self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; - -hal_client_domain(hal_thermal_default, hal_power); - -# read thermal_config -get_prop(hal_thermal_default, vendor_thermal_prop) - -# Needed for reporting thermal stats event -allow hal_thermal_default fwk_stats_service:service_manager find; -binder_call(hal_thermal_default, servicemanager) diff --git a/thermal/init-thermal-logging.sh.te b/thermal/init-thermal-logging.sh.te deleted file mode 100644 index 3da540e..0000000 --- a/thermal/init-thermal-logging.sh.te +++ /dev/null @@ -1,10 +0,0 @@ -type init-thermal-logging-sh, domain; -type init-thermal-logging-sh_exec, exec_type, vendor_file_type, file_type; - -init_daemon_domain(init-thermal-logging-sh) - -userdebug_or_eng(` - allow init-thermal-logging-sh vendor_toolbox_exec:file rx_file_perms; - allow init-thermal-logging-sh sysfs_thermal:dir r_dir_perms; - allow init-thermal-logging-sh sysfs_thermal:file r_file_perms; -') diff --git a/thermal/init-thermal-symlinks.sh.te b/thermal/init-thermal-symlinks.sh.te deleted file mode 100644 index 093512c..0000000 --- a/thermal/init-thermal-symlinks.sh.te +++ /dev/null @@ -1,12 +0,0 @@ -type init-thermal-symlinks-sh, domain; -type init-thermal-symlinks-sh_exec, exec_type, vendor_file_type, file_type; - -init_daemon_domain(init-thermal-symlinks-sh) - -allow init-thermal-symlinks-sh vendor_toolbox_exec:file rx_file_perms; -allow init-thermal-symlinks-sh thermal_link_device:dir rw_dir_perms; -allow init-thermal-symlinks-sh thermal_link_device:lnk_file create_file_perms; -allow init-thermal-symlinks-sh sysfs_thermal:dir r_dir_perms; -allow init-thermal-symlinks-sh sysfs_thermal:file r_file_perms; -allow init-thermal-symlinks-sh sysfs_thermal:lnk_file r_file_perms; -set_prop(init-thermal-symlinks-sh, vendor_thermal_prop) diff --git a/thermal/pixel-thermal-control.sh.te b/thermal/pixel-thermal-control.sh.te deleted file mode 100644 index a6430f1..0000000 --- a/thermal/pixel-thermal-control.sh.te +++ /dev/null @@ -1,13 +0,0 @@ -type pixel-thermal-control-sh, domain; -type pixel-thermal-control-sh_exec, exec_type, vendor_file_type, file_type; - -init_daemon_domain(pixel-thermal-control-sh) - -userdebug_or_eng(` - allow pixel-thermal-control-sh vendor_toolbox_exec:file execute_no_trans; - allow pixel-thermal-control-sh sysfs_thermal:dir r_dir_perms; - allow pixel-thermal-control-sh sysfs_thermal:file rw_file_perms; - allow pixel-thermal-control-sh sysfs_thermal:lnk_file r_file_perms; - allow pixel-thermal-control-sh thermal_link_device:dir r_dir_perms; - get_prop(pixel-thermal-control-sh, vendor_thermal_prop) -') diff --git a/thermal/property.te b/thermal/property.te deleted file mode 100644 index 676c85a..0000000 --- a/thermal/property.te +++ /dev/null @@ -1,2 +0,0 @@ -#thermal HAL -vendor_internal_prop(vendor_thermal_prop) diff --git a/thermal/property_contexts b/thermal/property_contexts deleted file mode 100644 index 65a02ee..0000000 --- a/thermal/property_contexts +++ /dev/null @@ -1 +0,0 @@ -vendor.thermal. u:object_r:vendor_thermal_prop:s0 diff --git a/thermal/vendor_init.te b/thermal/vendor_init.te deleted file mode 100644 index aaf6ac1..0000000 --- a/thermal/vendor_init.te +++ /dev/null @@ -1,3 +0,0 @@ -allow vendor_init thermal_link_device:dir r_dir_perms; -allow vendor_init thermal_link_device:lnk_file r_file_perms; -set_prop(vendor_init, vendor_thermal_prop) |