diff options
| author | kleidione Freitas <kleidione@gmail.com> | 2022-03-06 11:57:51 -0300 |
|---|---|---|
| committer | sinanmohd <pcmsinan@gmail.com> | 2023-01-05 21:30:23 +0530 |
| commit | 3607af54ca48c8a145a97bab0cf5012d45ade555 (patch) | |
| tree | 4f1a2239da3dd089a49e0eaedcf46a12ca41617b /sepolicy | |
| parent | 59e11d3ea1b69feb0a7027fa87eb3fd9a7530c87 (diff) | |
veux: Import XiaomiParts from sm8250
Credits:
https://github.com/xiaomi-sm8250-devs/android_device_xiaomi_sm8250-common
- Adapte to pixelexperiece
- Drop doze
- Drop fod and pop camera
- Add Clear speaker
- Adapte SEPolicy credis: [Sebastiano Barezzi, Chenyang Zhong]
Co-authored-by: Sebastiano Barezzi <barezzisebastiano@gmail.com>
Co-authored-by: Adithya R <gh0strider.2k18.reborn@gmail.com>
Co-authored-by: kubersharma001 <kubersharma001@gmail.com>
Co-authored-by: TheScarastic <warabhishek@gmail.com>
Co-authored-by: Joey <joey@lineageos.org>
Signed-off-by: kleidione <kleidione@gmail.com>
Diffstat (limited to 'sepolicy')
| -rw-r--r-- | sepolicy/private/devicesettings_app.te | 28 | ||||
| -rw-r--r-- | sepolicy/private/seapp_contexts | 1 | ||||
| -rw-r--r-- | sepolicy/public/devicesettings_app.te | 3 | ||||
| -rw-r--r-- | sepolicy/vendor/thermal-engine.te | 11 |
4 files changed, 32 insertions, 11 deletions
diff --git a/sepolicy/private/devicesettings_app.te b/sepolicy/private/devicesettings_app.te new file mode 100644 index 0000000..6e6a44b --- /dev/null +++ b/sepolicy/private/devicesettings_app.te @@ -0,0 +1,28 @@ +app_domain(devicesettings_app) + +# Allow devicesettings_app to find *_service +allow devicesettings_app { + app_api_service + audioserver_service + cameraserver_service + drmserver_service + mediaextractor_service + mediametrics_service + mediaserver_service +}:service_manager find; + +# Allow devicesettings_app read and write /data/data subdirectory +allow devicesettings_app system_app_data_file:dir create_dir_perms; +allow devicesettings_app system_app_data_file:{ file lnk_file } create_file_perms; + +# Allow binder communication with gpuservice +binder_call(devicesettings_app, gpuservice) + +# Allow devicesettings_app to read and write to cgroup/sysfs_leds/sysfs_thermal +allow devicesettings_app sysfs_leds:dir search; +#allow devicesettings_app vendor_sysfs_graphics:dir search; +allow devicesettings_app { + cgroup + sysfs_leds + sysfs_thermal +}:{ file lnk_file } rw_file_perms;
\ No newline at end of file diff --git a/sepolicy/private/seapp_contexts b/sepolicy/private/seapp_contexts new file mode 100644 index 0000000..0b3253a --- /dev/null +++ b/sepolicy/private/seapp_contexts @@ -0,0 +1 @@ +user=system seinfo=platform name=org.lineageos.settings domain=devicesettings_app type=system_app_data_file
\ No newline at end of file diff --git a/sepolicy/public/devicesettings_app.te b/sepolicy/public/devicesettings_app.te new file mode 100644 index 0000000..7af5e9b --- /dev/null +++ b/sepolicy/public/devicesettings_app.te @@ -0,0 +1,3 @@ +type devicesettings_app, domain; +typeattribute devicesettings_app mlstrustedsubject; +dontaudit devicesettings_app default_prop:file read;
\ No newline at end of file diff --git a/sepolicy/vendor/thermal-engine.te b/sepolicy/vendor/thermal-engine.te deleted file mode 100644 index 6e59f5b..0000000 --- a/sepolicy/vendor/thermal-engine.te +++ /dev/null @@ -1,11 +0,0 @@ -allow vendor_thermal-engine { - vendor_sysfs_devfreq - thermal_data_file -}:dir r_dir_perms; - -allow vendor_thermal-engine vendor_sysfs_devfreq:file rw_file_perms; - -# Rule for vendor_thermal-engine to access init process -unix_socket_connect(vendor_thermal-engine, property, init); - -set_prop(vendor_thermal-engine, vendor_thermal_normal_prop)
\ No newline at end of file |