diff options
| author | dianlujitao <dianlujitao@lineageos.org> | 2019-02-18 20:55:11 +0800 |
|---|---|---|
| committer | Isaac Chen <tingyi364@gmail.com> | 2019-09-01 13:46:30 +0200 |
| commit | 9c0b7188f0a9209dc20f15c244d1aa20d0bb33ba (patch) | |
| tree | d58f35b4985c23889fd2b14220f9bc97c0cc80bf /sepolicy | |
| parent | d90e487b85b23f73dd15f1d5ca84c857cfb3d109 (diff) | |
wayne-common: Access mlipay hal via a binder service
* Untrusted apps are no longer allowed to directly access hwbinder on
Pie, implement a system service as a middleware between mlipay hal
and untrusted apps.
* Xiaomi uses similar solution for MIUI on Pie.
Change-Id: Ie52376b1f7bcd84d219fe73bceb4bdd6cc2b9980
Diffstat (limited to 'sepolicy')
| -rw-r--r-- | sepolicy/hwservice.te | 2 | ||||
| -rw-r--r-- | sepolicy/system_app.te | 1 |
2 files changed, 2 insertions, 1 deletions
diff --git a/sepolicy/hwservice.te b/sepolicy/hwservice.te index 32adecb..6c299d1 100644 --- a/sepolicy/hwservice.te +++ b/sepolicy/hwservice.te @@ -1,2 +1,2 @@ type goodixhw_service, hwservice_manager_type; -type hal_mlipay_hwservice, hwservice_manager_type, untrusted_app_visible_hwservice; +type hal_mlipay_hwservice, hwservice_manager_type; diff --git a/sepolicy/system_app.te b/sepolicy/system_app.te new file mode 100644 index 0000000..c9f1b37 --- /dev/null +++ b/sepolicy/system_app.te @@ -0,0 +1 @@ +hal_client_domain(system_app, hal_mlipay) |