xiaomi-unicorn1/android_device_qcom_sepolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge tag 'LA.QSSI.13.0.r1-07500-qssi.0' into staging/lineage-20.0_merge-LA.QSSI.13.0.r1-07500-qssi.0

Browse Source 
"LA.QSSI.13.0.r1-07500-qssi.0"

# By Sanghoon Shin (2) and yingjiew (1)
# Via Gerrit - the friendly Code Review server (2) and Linux Build Service Account (1)
* tag 'LA.QSSI.13.0.r1-07500-qssi.0':
  sepolicy:qcc: switch to platform app
  sepolicy:qcc: switch to platform app
  Rm LocAidlGnss in hal_gnss_service domain of QSSI

Change-Id: I7db39ffd8fbc8b72a0bc2b46cfd69c5c10c85d7a
This commit is contained in:
Michael Bestas
2022-11-09 18:59:24 +02:00
parent 583ef74f92 1b4f8a8371
commit c8bde922d3
4 changed files with 15 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
generic/private/file.te
View File

@@ -24,12 +24,16 @@
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
# Changes from Qualcomm Innovation Center are provided under the following license:
# Copyright (c) 2022 Qualcomm Innovation Center, Inc. All rights reserved.
# SPDX-License-Identifier: BSD-3-Clause-Clear
type vendor_seemp_data_file, core_data_file_type, data_file_type, file_type;
type vendor_dpmd_socket, file_type, coredomain_socket;
type vendor_dpmd_data_file, file_type, data_file_type, core_data_file_type;
type vendor_dpmwrapper_socket, file_type, coredomain_socket, mlstrustedobject;
type vendor_qcc_data_file, file_type, data_file_type, core_data_file_type;
type vendor_qcc_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject;
type vendor_qcc_app_socket, file_type, mlstrustedobject, coredomain_socket;
type vendor_sys_sxrauxd_data_file, file_type, data_file_type, core_data_file_type;
type vendor_sys_sxrauxd_socket, file_type, coredomain_socket;

14
generic/private/qcc_app.te
View File

@@ -30,11 +30,10 @@
# Copyright (c) 2022 Qualcomm Innovation Center, Inc. All rights reserved.
# SPDX-License-Identifier: BSD-3-Clause-Clear
typeattribute vendor_qcc_app mlstrustedsubject;
app_domain(vendor_qcc_app)
net_domain(vendor_qcc_app)
binder_use(vendor_qcc_app)
hal_client_domain(vendor_qcc_app, vendor_qccsyshal);
allow vendor_qcc_app radio_service:service_manager find;
# for vendor_perf_service
@@ -50,13 +49,10 @@ unix_socket_connect(vendor_qcc_app, vendor_dpmtcm, vendor_tcmd)
# allow access to mediadrmserver for qdmastats/wvstats
allow vendor_qcc_app mediadrmserver_service:service_manager find;
# allow vendor_qcc_app to access system_app_data_file
# necessary for read and write /data/user_de/0/com.---.qti.qdma subdirectory.
allow vendor_qcc_app system_data_file:dir search;
allow vendor_qcc_app system_app_data_file:dir create_dir_perms;
allow vendor_qcc_app system_app_data_file:file create_file_perms;
allow vendor_qcc_app user_profile_root_file:dir search;
# allow vendor_qcc_app to access app_data_file
# necessary for read and write /data/user_de/0/data subdirectory.
allow vendor_qcc_app app_data_file:dir create_dir_perms;
allow vendor_qcc_app app_data_file:file create_file_perms;
# allow cgroup access
allow vendor_qcc_app cgroup:file rw_file_perms;

6
generic/private/seapp_contexts
View File

@@ -24,6 +24,10 @@
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
# Changes from Qualcomm Innovation Center are provided under the following license:
# Copyright (c) 2022 Qualcomm Innovation Center, Inc. All rights reserved.
# SPDX-License-Identifier: BSD-3-Clause-Clear
#Add new domain for DataServices
# Needed for CNEService , uceShimService and other connectivity services
@@ -47,7 +51,7 @@ user=_app seinfo=platform name=com.qualcomm.wfd.service:wfd_service domain=vendo
user=_app seinfo=platform name=com.qualcomm.wfd.client domain=vendor_wfd_app type=app_data_file levelfrom=all
#Add new domain for QCC
user=system seinfo=platform name=com.qti.qcc isPrivApp=true domain=vendor_qcc_app type=system_app_data_file
user=_app seinfo=platform name=com.qti.qcc domain=vendor_qcc_app type=app_data_file levelFrom=all
#Add new domain for QCCLMTP
user=system seinfo=platform name=com.qualcomm.qti.qcclmtp isPrivApp=true domain=vendor_qcc_lmtp_app type=system_app_data_file
#Add new domain for QCCNetstat

1
generic/private/service_contexts
View File

@@ -46,7 +46,6 @@ vendor.vpsservice u:object_r:vendor_vps_service:s0
vendor.qspmsvc u:object_r:vendor_qspmsvc_service:s0
nfc_settings u:object_r:nfc_service:s0
nfc.st_ext u:object_r:nfc_service:s0
vendor.qti.gnss.ILocAidlGnss/default u:object_r:hal_gnss_service:s0
vendor.qvirtmgr u:object_r:vendor_qvirtmgr_service:s0
vendor.qti.qesdsys.IQesdSys/default u:object_r:vendor_qesdk_service:s0
vendor.qti.hardware.radio.atcmdfwd.IAtCmdFwd/AtCmdFwdAidl u:object_r:radio_service:s0