From 73bc815d397b47f1d6d0c74f98d4a4b697b19a96 Mon Sep 17 00:00:00 2001 From: Davide Garberi Date: Sat, 31 Aug 2019 18:52:20 +0200 Subject: sdm660-common: Convert to 660 common tree Change-Id: I903039730f4181f6a326f28e0ea212db68bdabcc --- sepolicy/vendor/file_contexts | 4 ++-- sepolicy/vendor/hal_fingerprint_sdm660.te | 39 +++++++++++++++++++++++++++++++ sepolicy/vendor/hal_fingerprint_wayne.te | 39 ------------------------------- 3 files changed, 41 insertions(+), 41 deletions(-) create mode 100644 sepolicy/vendor/hal_fingerprint_sdm660.te delete mode 100644 sepolicy/vendor/hal_fingerprint_wayne.te (limited to 'sepolicy') diff --git a/sepolicy/vendor/file_contexts b/sepolicy/vendor/file_contexts index 6939ff5..81d9822 100644 --- a/sepolicy/vendor/file_contexts +++ b/sepolicy/vendor/file_contexts @@ -1,5 +1,5 @@ # Biometric -/(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.1-service\.xiaomi_wayne u:object_r:hal_fingerprint_wayne_exec:s0 +/(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.1-service\.xiaomi_sdm660 u:object_r:hal_fingerprint_sdm660_exec:s0 # Fpc Fingerprint /sys/devices/soc/soc:fpc1020(/.*)? u:object_r:fingerprint_sysfs:s0 @@ -27,7 +27,7 @@ /vendor/usr/keylayout(/.*)? u:object_r:vendor_keylayout_file:s0 # Light HAL -/(vendor|system/vendor)/bin/hw/android\.hardware\.light@2\.0-service\.xiaomi_wayne u:object_r:hal_light_default_exec:s0 +/(vendor|system/vendor)/bin/hw/android\.hardware\.light@2\.0-service\.xiaomi_sdm660 u:object_r:hal_light_default_exec:s0 # Mlipay /(vendor|system/vendor)/bin/mlipayd@1.1 u:object_r:hal_mlipay_default_exec:s0 diff --git a/sepolicy/vendor/hal_fingerprint_sdm660.te b/sepolicy/vendor/hal_fingerprint_sdm660.te new file mode 100644 index 0000000..57cc91e --- /dev/null +++ b/sepolicy/vendor/hal_fingerprint_sdm660.te @@ -0,0 +1,39 @@ +type hal_fingerprint_sdm660, domain, binder_in_vendor_violators; +hal_server_domain(hal_fingerprint_sdm660, hal_fingerprint) + +type hal_fingerprint_sdm660_exec, exec_type, vendor_file_type, file_type; +typeattribute hal_fingerprint_sdm660 data_between_core_and_vendor_violators; +binder_use(hal_fingerprint_sdm660) +init_daemon_domain(hal_fingerprint_sdm660) + +allow hal_fingerprint_sdm660 fingerprint_device:chr_file { read write open ioctl }; +allow hal_fingerprint_sdm660 { tee_device uhid_device }:chr_file { read write open ioctl }; +allow hal_fingerprint_sdm660 fingerprint_data_file:file rw_file_perms; +allow hal_fingerprint_sdm660 fingerprintd_data_file:dir rw_dir_perms; +allow hal_fingerprint_sdm660 fingerprintd_data_file:file create_file_perms; +allow hal_fingerprint_sdm660 { fuse mnt_user_file storage_file }:dir search; +allow hal_fingerprint_sdm660 { mnt_user_file storage_file }:lnk_file read; +allow hal_fingerprint_sdm660 fingerprint_sysfs:dir r_dir_perms; +allow hal_fingerprint_sdm660 fingerprint_sysfs:file rw_file_perms; + +allow hal_fingerprint_sdm660 hal_fingerprint_sdm660:netlink_socket { create bind write read }; + +binder_call(hal_fingerprint_sdm660, vndservicemanager) +binder_call(hal_fingerprint_sdm660, hal_perf_default) + +binder_use(hal_fingerprint_sdm660) + +r_dir_file(hal_fingerprint_sdm660, firmware_file) + +add_service(hal_fingerprint_sdm660, goodixvnd_service) +add_hwservice(hal_fingerprint_sdm660, goodixhw_service) + +allow hal_fingerprint_sdm660 vndbinder_device:chr_file ioctl; + +get_prop(hal_fingerprint_sdm660, hal_fingerprint_prop) +set_prop(hal_fingerprint_sdm660, hal_fingerprint_prop) + +vndbinder_use(hal_fingerprint_sdm660) + +dontaudit hal_fingerprint_sdm660 { media_rw_data_file sdcardfs}:dir search; +dontaudit hal_fingerprint_sdm660 media_rw_data_file:dir { read open }; diff --git a/sepolicy/vendor/hal_fingerprint_wayne.te b/sepolicy/vendor/hal_fingerprint_wayne.te deleted file mode 100644 index 11a99de..0000000 --- a/sepolicy/vendor/hal_fingerprint_wayne.te +++ /dev/null @@ -1,39 +0,0 @@ -type hal_fingerprint_wayne, domain, binder_in_vendor_violators; -hal_server_domain(hal_fingerprint_wayne, hal_fingerprint) - -type hal_fingerprint_wayne_exec, exec_type, vendor_file_type, file_type; -typeattribute hal_fingerprint_wayne data_between_core_and_vendor_violators; -binder_use(hal_fingerprint_wayne) -init_daemon_domain(hal_fingerprint_wayne) - -allow hal_fingerprint_wayne fingerprint_device:chr_file { read write open ioctl }; -allow hal_fingerprint_wayne { tee_device uhid_device }:chr_file { read write open ioctl }; -allow hal_fingerprint_wayne fingerprint_data_file:file rw_file_perms; -allow hal_fingerprint_wayne fingerprintd_data_file:dir rw_dir_perms; -allow hal_fingerprint_wayne fingerprintd_data_file:file create_file_perms; -allow hal_fingerprint_wayne { fuse mnt_user_file storage_file }:dir search; -allow hal_fingerprint_wayne { mnt_user_file storage_file }:lnk_file read; -allow hal_fingerprint_wayne fingerprint_sysfs:dir r_dir_perms; -allow hal_fingerprint_wayne fingerprint_sysfs:file rw_file_perms; - -allow hal_fingerprint_wayne hal_fingerprint_wayne:netlink_socket { create bind write read }; - -binder_call(hal_fingerprint_wayne, vndservicemanager) -binder_call(hal_fingerprint_wayne, hal_perf_default) - -binder_use(hal_fingerprint_wayne) - -r_dir_file(hal_fingerprint_wayne, firmware_file) - -add_service(hal_fingerprint_wayne, goodixvnd_service) -add_hwservice(hal_fingerprint_wayne, goodixhw_service) - -allow hal_fingerprint_wayne vndbinder_device:chr_file ioctl; - -get_prop(hal_fingerprint_wayne, hal_fingerprint_prop) -set_prop(hal_fingerprint_wayne, hal_fingerprint_prop) - -vndbinder_use(hal_fingerprint_wayne) - -dontaudit hal_fingerprint_wayne { media_rw_data_file sdcardfs}:dir search; -dontaudit hal_fingerprint_wayne media_rw_data_file:dir { read open }; -- cgit v1.2.3