clover: Add folio_daemon in sepolicy
Signed-off-by: pix106 <sbordenave@gmail.com>
This commit is contained in:
Jeff Vander Stoep
pix106
parent
d95ae2838e
commit
0d0b89ac7c
2 changed files with 18 additions and 2 deletions
19
sepolicy/vendor/folio_daemon.te
vendored
19
sepolicy/vendor/folio_daemon.te
vendored
|
|
@ -1,4 +1,19 @@
|
||||||
type folio_daemon, domain;
|
|
||||||
type folio_daemon_exec, exec_type, file_type;
|
|
||||||
|
|
||||||
|
type folio_daemon, domain;
|
||||||
|
type folio_daemon_exec, exec_type, vendor_file_type, file_type;
|
||||||
init_daemon_domain(folio_daemon)
|
init_daemon_domain(folio_daemon)
|
||||||
|
|
||||||
|
allow folio_daemon binder_device:chr_file rw_file_perms;
|
||||||
|
allow folio_daemon uhid_device:chr_file rw_file_perms;
|
||||||
|
|
||||||
|
# TODO(b/35870313): Remove this attribute when the corresponding bug is fixed and the treble
|
||||||
|
# violations are handled
|
||||||
|
typeattribute folio_daemon binder_in_vendor_violators;
|
||||||
|
typeattribute folio_daemon socket_between_core_and_vendor_violators;
|
||||||
|
allow folio_daemon system_server:unix_stream_socket rw_socket_perms_no_ioctl;
|
||||||
|
|
||||||
|
binder_use(folio_daemon)
|
||||||
|
binder_call(folio_daemon, system_server)
|
||||||
|
|
||||||
|
allow folio_daemon sensorservice_service:service_manager find;
|
||||||
|
allow folio_daemon permission_service:service_manager find;
|
||||||
|
|
|
||||||
1
sepolicy/vendor/system_server.te
vendored
Normal file
1
sepolicy/vendor/system_server.te
vendored
Normal file
|
|
@ -0,0 +1 @@
|
||||||
|
binder_call(system_server, folio_daemon)
|
||||||
Loading…
Reference in a new issue