summaryrefslogtreecommitdiff
path: root/sepolicy
diff options
context:
space:
mode:
Diffstat (limited to 'sepolicy')
-rw-r--r--sepolicy/vendor/app.te3
-rw-r--r--sepolicy/vendor/file.te3
-rw-r--r--sepolicy/vendor/file_contexts5
-rw-r--r--sepolicy/vendor/vendor_init.te2
4 files changed, 12 insertions, 1 deletions
diff --git a/sepolicy/vendor/app.te b/sepolicy/vendor/app.te
index 511cc3f..971d3fa 100644
--- a/sepolicy/vendor/app.te
+++ b/sepolicy/vendor/app.te
@@ -1,2 +1,5 @@
get_prop({ appdomain -isolated_app }, hal_fingerprint_prop)
get_prop({ appdomain -isolated_app }, mlipay_prop)
+
+allow { appdomain -isolated_app } adsprpcd_file:dir r_dir_perms;
+allow { appdomain -isolated_app } public_adsprpcd_file:file r_file_perms;
diff --git a/sepolicy/vendor/file.te b/sepolicy/vendor/file.te
index f2e1ab4..6e4d3e4 100644
--- a/sepolicy/vendor/file.te
+++ b/sepolicy/vendor/file.te
@@ -1,4 +1,5 @@
type ir_dev_file, file_type;
-type sysfs_touchpanel, fs_type, sysfs_type;
+type public_adsprpcd_file, file_type;
type sysfs_fingerprint, fs_type, sysfs_type;
+type sysfs_touchpanel, fs_type, sysfs_type;
type thermal_data_file, file_type, data_file_type;
diff --git a/sepolicy/vendor/file_contexts b/sepolicy/vendor/file_contexts
index 616afd3..164e75b 100644
--- a/sepolicy/vendor/file_contexts
+++ b/sepolicy/vendor/file_contexts
@@ -12,6 +12,11 @@
/firmware u:object_r:firmware_file:s0
/bt_firmware u:object_r:bt_firmware_file:s0
+# Hexagon DSP-side executable needed for Halide operation
+# This is labeled as public_adsprpcd_file as it needs to be read by apps
+# (e.g. Google Camera App)
+/mnt/vendor/dsp/fastrpc_shell_3 u:object_r:public_adsprpcd_file:s0
+
# IR
/dev/lirc0 u:object_r:spidev_device:s0
/dev/spidev7.1 u:object_r:spidev_device:s0
diff --git a/sepolicy/vendor/vendor_init.te b/sepolicy/vendor/vendor_init.te
index 466bd1d..9138eaa 100644
--- a/sepolicy/vendor/vendor_init.te
+++ b/sepolicy/vendor/vendor_init.te
@@ -5,5 +5,7 @@ allow vendor_init {
tombstone_data_file
}:dir { create search getattr open read setattr ioctl write add_name remove_name rmdir relabelfrom };
+allow init adsprpcd_file:file mounton;
+
set_prop(vendor_init, freq_prop)
set_prop(vendor_init, camera_prop)