MiPad4/android_device_xiaomi_sdm660-common
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

wayne: sepolicy: Add sepolicy for goodix script

Browse source 
Change-Id: Ic8b7dba6a5660c17f5db1c743e5d22f31ae1b1b3
This commit is contained in:
TheScarastic 2018-07-09 20:46:22 +05:30 committed by Isaac Chen
parent cff97f0832
commit 80a669c55a
3 changed files with 19 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
biometrics/android.hardware.biometrics.fingerprint@2.1-service.xiaomi_wayne.rc
View file

@ -18,5 +18,5 @@ service fps_hal /vendor/bin/hw/android.hardware.biometrics.fingerprint@2.1-servi
service goodix_script /vendor/bin/init.goodix.sh service goodix_script /vendor/bin/init.goodix.sh
class late_start class late_start
user root user system
oneshot oneshot

3
sepolicy/file_contexts
View file

@ -16,3 +16,6 @@
# Light HAL # Light HAL
/(vendor|system/vendor)/bin/hw/android\.hardware\.light@2\.0-service\.xiaomi_wayne u:object_r:hal_light_default_exec:s0 /(vendor|system/vendor)/bin/hw/android\.hardware\.light@2\.0-service\.xiaomi_wayne u:object_r:hal_light_default_exec:s0
# Shell Script
/(vendor|system/vendor)/bin/init\.goodix\.sh u:object_r:init_fingerprint_exec:s0

15
sepolicy/init_fingerprint.te Normal file
View file

@ -0,0 +1,15 @@
type init_fingerprint, domain;
type init_fingerprint_exec, exec_type, vendor_file_type, file_type;
# Allow for transition from init domain to init_fingerprint
init_daemon_domain(init_fingerprint)
# Shell script needs to execute /vendor/bin/sh
allow init_fingerprint vendor_shell_exec:file rx_file_perms;
allow init_fingerprint vendor_toolbox_exec:file rx_file_perms;
# Allow to delete file
allow init_fingerprint persist_file:dir search;
allow init_fingerprint persist_drm_file:dir { read search open write remove_name };
allow init_fingerprint persist_drm_file:file { getattr unlink };
allow init_fingerprint system_data_file:file r_file_perms;