sdm660-common: Clean up sepolicy for Android 11
checkpolicy: error(s) encountered while parsing configuration Changes in Android 11 * dpmd > vendor_dpmd * persist_camera_prop > vendor_persist_camera_prop * persist_dpm_prop > vendor_persist_dpm_prop Signed-off-by: OdSazib <odsazib@gmail.com>
This commit is contained in:
OdSazib
parent
31de151a0d
commit
f614ba1ce6
5 changed files with 22 additions and 24 deletions
|
|
@ -1,2 +1,2 @@
|
|||
# Allow appdomain to get persist_camera_prop
|
||||
get_prop(appdomain, persist_camera_prop)
|
||||
get_prop(appdomain, vendor_persist_camera_prop)
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
set_prop(dpmd, ctl_stop_prop)
|
||||
set_prop(vendor_dpmd, ctl_stop_prop)
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
binder_call(system_server, folio_daemon)
|
||||
|
||||
# Allow system_server to set persist_camera_prop
|
||||
get_prop(system_server, persist_camera_prop)
|
||||
get_prop(system_server, vendor_persist_camera_prop)
|
||||
|
|
|
|||
|
|
@ -1,2 +1,2 @@
|
|||
# Allow vendor_init to set persist_camera_prop
|
||||
set_prop(vendor_init, persist_camera_prop)
|
||||
set_prop(vendor_init, vendor_persist_camera_prop)
|
||||
|
|
|
|||
38
sepolicy/vendor/vendor_init.te
vendored
38
sepolicy/vendor/vendor_init.te
vendored
|
|
@ -8,29 +8,27 @@ allow vendor_init {
|
|||
camera_data_file
|
||||
}:dir { create search getattr open read setattr ioctl write add_name remove_name rmdir relabelfrom };
|
||||
|
||||
allow vendor_init unlabeled:{ dir file } { getattr relabelfrom };
|
||||
|
||||
allow vendor_init media_rw_data_file:file { getattr relabelfrom };
|
||||
|
||||
allow vendor_init rootfs:dir { add_name create setattr write };
|
||||
allow vendor_init persist_debug_prop:property_service set;
|
||||
allow vendor_init persist_debug_prop:file read;
|
||||
allow vendor_init persist_dpm_prop:property_service set;
|
||||
allow vendor_init qcom_ims_prop:property_service set;
|
||||
allow vendor_init thermal_engine_prop:property_service set;
|
||||
allow vendor_init vendor_ssr_prop:property_service set;
|
||||
allow vendor_init audio_prop:property_service set;
|
||||
allow vendor_init vendor_fp_prop:property_service set;
|
||||
allow vendor_init reschedule_service_prop:property_service set;
|
||||
allow vendor_init bservice_prop:property_service set;
|
||||
|
||||
allow vendor_init rootfs:dir { add_name write };
|
||||
allow vendor_init rootfs:lnk_file setattr;
|
||||
allow vendor_init fingerprint_data_file:dir {setattr create};
|
||||
|
||||
allow vendor_init blkio_dev:file write;
|
||||
allow vendor_init media_rw_data_file:file { getattr relabelfrom };
|
||||
allow vendor_init persist_debug_prop:file read;
|
||||
allow vendor_init rootfs:dir { add_name create setattr write };
|
||||
allow vendor_init rootfs:lnk_file setattr;
|
||||
allow vendor_init unlabeled:{ dir file } { getattr relabelfrom };
|
||||
allow vendor_init blkio_dev:file { open read write create };
|
||||
allow vendor_init proc_dirty:file write;
|
||||
|
||||
allow vendor_init {
|
||||
audio_prop
|
||||
bservice_prop
|
||||
persist_debug_prop
|
||||
vendor_persist_dpm_prop
|
||||
qcom_ims_prop
|
||||
reschedule_service_prop
|
||||
thermal_engine_prop
|
||||
vendor_ssr_prop
|
||||
vendor_fp_prop
|
||||
}:property_service set;
|
||||
|
||||
set_prop(vendor_init, camera_prop)
|
||||
set_prop(vendor_init, vendor_camera_prop)
|
||||
set_prop(vendor_init, freq_prop)
|
||||
|
|
|
|||
Loading…
Reference in a new issue