android_device_xiaomi_sdm660-common/sepolicy/vendor/radio.te at 8c0971fdfcf637a8b6b470347a1c265ce544a1ac - MiPad4/android_device_xiaomi_sdm660-common - Forgejo: Beyond coding. We Forge.

MiPad4/android_device_xiaomi_sdm660-common

Bruno Martins a5de89d28b

sdm660-common: sepolicy: Add rules for older IMS blobs

Since Android 10 blobs are being used, org.codeaurora.ims still runs
as phone UID as seen by these denials:

  m.android.phone: type=1400 audit(0.0:2914): avc: denied { read } for name="u:object_r:qcom_ims_prop:s0" dev="tmpfs" ino=13660 scontext=u:r:radio:s0 tcontext=u:object_r:qcom_ims_prop:s0 tclass=file permissive=0
  m.android.phone: type=1400 audit(0.0:473): avc: denied { call } for scontext=u:r:radio:s0 tcontext=u:r:hal_imsrtp:s0 tclass=binder permissive=0

Change-Id: Ic8c1b7996b9e0e7b63ba2a153441c9e8467a8a31
Signed-off-by: clarencelol <clarencekuiek@icloud.com>

2021-02-20 11:55:48 +06:00

5 lines

309 B

Text

Raw Blame History

 allow radio hal_datafactory_hwservice:hwservice_manager find;
 binder_call(radio, cnd)
 binder_call(radio, hal_imsrtp)
 allow radio { cameraserver_service mediaextractor_service mediaserver_service mediametrics_service drmserver_service audioserver_service }:service_manager find;
 get_prop(radio, qcom_ims_prop)