diff options
Diffstat (limited to 'usf/sensor_hal.te')
-rw-r--r-- | usf/sensor_hal.te | 83 |
1 files changed, 0 insertions, 83 deletions
diff --git a/usf/sensor_hal.te b/usf/sensor_hal.te deleted file mode 100644 index 595aeef..0000000 --- a/usf/sensor_hal.te +++ /dev/null @@ -1,83 +0,0 @@ -# -# USF sensor HAL SELinux type enforcements. -# - -# Allow reading of sensor registry persist files and camera persist files. -allow hal_sensors_default persist_file:dir search; -allow hal_sensors_default mnt_vendor_file:dir search; -r_dir_file(hal_sensors_default, persist_sensor_reg_file) -r_dir_file(hal_sensors_default, persist_camera_file) - -# Allow creation and writing of sensor registry data files. -allow hal_sensors_default sensor_reg_data_file:dir rw_dir_perms; -allow hal_sensors_default sensor_reg_data_file:file create_file_perms; - -userdebug_or_eng(` - # Allow creation and writing of sensor debug data files. - allow hal_sensors_default sensor_debug_data_file:dir rw_dir_perms; - allow hal_sensors_default sensor_debug_data_file:file create_file_perms; -') - -# Allow access to the AoC communication driver. -allow hal_sensors_default aoc_device:chr_file rw_file_perms; - -# Allow access to the AoC clock and kernel boot time sys FS node. This is needed -# to synchronize the AP and AoC clock timestamps. -allow hal_sensors_default sysfs_aoc_boottime:file rw_file_perms; - -# Allow create thread to watch AOC's device. -allow hal_sensors_default device:dir r_dir_perms; - -# Allow access to the files of CDT information. -r_dir_file(hal_sensors_default, sysfs_chosen) - -# Allow display_info_service access to the backlight driver. -allow hal_sensors_default sysfs_leds:dir search; -allow hal_sensors_default sysfs_leds:file rw_file_perms; - -# Allow access to the power supply files for MagCC. -r_dir_file(hal_sensors_default, sysfs_batteryinfo) -allow hal_sensors_default sysfs_wlc:dir r_dir_perms; - -# Allow access to sensor service for sensor_listener. -binder_call(hal_sensors_default, system_server); - -# Allow access to the sysfs_aoc. -allow hal_sensors_default sysfs_aoc:dir search; -allow hal_sensors_default sysfs_aoc:file r_file_perms; - -# Allow use of the USF low latency transport. -usf_low_latency_transport(hal_sensors_default) - -# Allow sensor HAL to reset AOC. -allow hal_sensors_default sysfs_aoc_reset:file rw_file_perms; - -# Allow sensor HAL to read AoC dumpstate. -allow hal_sensors_default sysfs_aoc_dumpstate:file r_file_perms; - -# Allow access for AoC properties. -get_prop(hal_sensors_default, vendor_aoc_prop) - -# Allow access for dynamic sensor properties. -get_prop(hal_sensors_default, vendor_dynamic_sensor_prop) - -# Allow access to raw HID devices for dynamic sensors. -allow hal_sensors_default hidraw_device:chr_file rw_file_perms; - -# Allow sensor HAL to access the display service HAL -allow hal_sensors_default hal_pixel_display_service:service_manager find; -binder_call(hal_sensors_default, hal_graphics_composer_default) - -# Allow sensor HAL to access to display sysfs. -allow hal_sensors_default sysfs_display:file r_file_perms; - -# -# Suez type enforcements. -# - -# Allow SensorSuez to connect AIDL stats. -binder_use(hal_sensors_default); -allow hal_sensors_default fwk_stats_service:service_manager find; - -# Allow access to CHRE socket to connect to nanoapps. -unix_socket_connect(hal_sensors_default, chre, chre) |