vermeer: sepolicy: Add xiaomi citsensorservice and sensorcommunicate policies

Change-Id: I759b9402ac5b2faf666bb62b499924a639585764
Fabian Leutenegger
2023-10-03 15:26:20 +02:00
committed by Lunark :3
parent da48c97ab7
commit 91919e0bf0
11 changed files with 106 additions and 0 deletions

8
sepolicy/vendor/attributes vendored Normal file

@@ -0,0 +1,8 @@
# Sensors
attribute vendor_hal_citsensorservice_xiaomi;
attribute vendor_hal_citsensorservice_xiaomi_client;
attribute vendor_hal_citsensorservice_xiaomi_server;
attribute vendor_hal_sensorcommunicate;
attribute vendor_hal_sensorcommunicate_client;
attribute vendor_hal_sensorcommunicate_server;

1
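--- a/sepolicy/vendor/device.te
+++ b/sepolicy/vendor/device.te
@@ -0,0 +1 @@
+type vendor_displayfeature_device, dev_type;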

4
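--- a/sepolicy/vendor/file_contexts
+++ b/sepolicy/vendor/file_contexts
@@ -0,0 +1,4 @@
+# Sensors
+/(vendor|system/vendor|odm|vendor/odm)/bin/hw/vendor.xiaomi.sensor.citsensorservice@1.1-service u:object_r:vendor_hal_citsensorservice_xiaomi_default_exec:s0
+/(vendor|system/vendor|odm|vendor/odm)/bin/hw/vendor.xiaomi.sensor.citsensorservice@2.0-service u:object_r:vendor_hal_citsensorservice_xiaomi_default_exec:s0
+/(vendor|system/vendor|odm|vendor/odm)/bin/hw/vendor.xiaomi.sensor.communicate@1.0-service u:object_r:vendor_hal_sensorcommunicate_default_exec:s0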
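Review bot: The dots in the three service paths are unescaped, so each `.` matches any character in the file_contexts regex and the entries can label more paths than the literal binary names. Escaping them, e.g. `vendor\.xiaomi\.sensor\.citsensorservice@1\.1-service`, keeps the `_exec` labels, and the domain transition that `init_daemon_domain` attaches to them, tied to exactly these files. The `@1.1` and `@2.0` lines map to the same type and could be a single entry using `@(1\.1|2\.0)-service`.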


@@ -0,0 +1,48 @@
type vendor_hal_citsensorservice_xiaomi_default, domain;
type vendor_hal_citsensorservice_xiaomi_default_exec, exec_type, file_type, vendor_file_type;
type vendor_hal_citsensorservice_xiaomi_hwservice, hwservice_manager_type;
allow vendor_hal_citsensorservice_xiaomi_client vendor_hal_citsensorservice_xiaomi_server:binder { call transfer };
allow vendor_hal_citsensorservice_xiaomi_client vendor_hal_citsensorservice_xiaomi_server:binder transfer;
allow vendor_hal_citsensorservice_xiaomi_client vendor_hal_citsensorservice_xiaomi_server:fd *;
allow vendor_hal_citsensorservice_xiaomi_client vendor_hal_citsensorservice_xiaomi_hwservice:hwservice_manager find;
allow vendor_hal_citsensorservice_xiaomi_server vendor_hal_citsensorservice_xiaomi_client:binder transfer;
allow vendor_hal_citsensorservice_xiaomi_server vendor_hal_citsensorservice_xiaomi_client:binder { call transfer };
allow vendor_hal_citsensorservice_xiaomi_server vendor_hal_citsensorservice_xiaomi_client:fd *;
allow vendor_hal_citsensorservice_xiaomi_default input_device:dir rw_dir_perms;
allow vendor_hal_citsensorservice_xiaomi_default input_device:chr_file rw_file_perms;
allow vendor_hal_citsensorservice_xiaomi_default vendor_sysfs_data:file r_file_perms;
allow vendor_hal_citsensorservice_xiaomi_default self:socket create_socket_perms;
allow vendor_hal_citsensorservice_xiaomi_default self:qipcrtr_socket create_socket_perms;
allow vendor_hal_citsensorservice_xiaomi_default vendor_sysfs_graphics:dir r_dir_perms;
allow vendor_hal_citsensorservice_xiaomi_default vendor_sysfs_graphics:file r_file_perms;
allow vendor_hal_citsensorservice_xiaomi_default vendor_persist_sensors_file:dir create_dir_perms;
allow vendor_hal_citsensorservice_xiaomi_default vendor_persist_sensors_file:file create_file_perms;
allow vendor_hal_citsensorservice_xiaomi_default fwk_sensor_hwservice:hwservice_manager find;
allow vendor_hal_citsensorservice_xiaomi_default system_server:binder call;
allow vendor_hal_citsensorservice_xiaomi_default system_server:binder transfer;
allow vendor_hal_citsensorservice_xiaomi_default vendor_sysfs_displayfeature:dir search;
allow vendor_hal_citsensorservice_xiaomi_default vendor_sysfs_displayfeature:file { getattr open read };
allow vendor_hal_citsensorservice_xiaomi_default vendor_displayfeature_device:chr_file { ioctl open read write };
allow vendor_hal_citsensorservice_xiaomi_default hal_graphics_mapper_hwservice:hwservice_manager find;
allow vendor_hal_citsensorservice_xiaomi_default vendor_hal_display_config_hwservice:hwservice_manager find;
allow vendor_hal_citsensorservice_xiaomi_default vendor_hal_display_config_hwservice:binder { call transfer };
allow vendor_hal_citsensorservice_xiaomi_default vendor_hal_display_config_hwservice:fd *;
allow vendor_hal_citsensorservice_xiaomi_default hal_graphics_composer:binder { call transfer };
allow vendor_hal_citsensorservice_xiaomi_default hal_graphics_composer:fd *;
allow vendor_hal_citsensorservice_xiaomi_default vendor_qdisplay_service:service_manager find;
allow vendor_hal_citsensorservice_xiaomi_default hal_graphics_composer_default:binder transfer;
allow vendor_hal_citsensorservice_xiaomi_default vendor_hal_sensorcommunicate_default:binder call;
allow vendor_hal_citsensorservice_xiaomi_default vendor_hal_sensorcommunicate_default:binder transfer;
allowxperm vendor_hal_citsensorservice_xiaomi_default self:socket ioctl { 0xc300 0xc301 0xc302 0xc303 0xc304 0xc305 };
allowxperm vendor_hal_citsensorservice_xiaomi_default self:qipcrtr_socket ioctl { 0xc300 0xc301 0xc302 0xc303 0xc304 0xc305 };
init_daemon_domain(vendor_hal_citsensorservice_xiaomi_default)
r_dir_file(vendor_hal_citsensorservice_xiaomi_default, mnt_vendor_file)
get_prop(vendor_hal_citsensorservice_xiaomi_default, vendor_displayfeature_prop)
get_prop(vendor_hal_citsensorservice_xiaomi_default, vendor_sensors_prop)
get_prop(vendor_hal_citsensorservice_xiaomi_default, vendor_parsedalgo_prop)
set_prop(vendor_hal_citsensorservice_xiaomi_default, vendor_cct_prop)
vndbinder_use(vendor_hal_citsensorservice_xiaomi)
hal_server_domain(vendor_hal_citsensorservice_xiaomi_default, vendor_hal_citsensorservice_xiaomi)
hal_client_domain(vendor_hal_citsensorservice_xiaomi_default, hal_graphics_allocator)
add_hwservice(vendor_hal_citsensorservice_xiaomi_server, vendor_hal_citsensorservice_xiaomi_hwservice)
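Review bot: The two `input_device` rules give this service `rw_dir_perms` on the directory and `rw_file_perms` on every input character device, which covers raw touch and key events as well as sensor-type nodes and lets the domain add or remove entries in that directory. If the service only reads events, `allow vendor_hal_citsensorservice_xiaomi_default input_device:dir r_dir_perms;` and `allow vendor_hal_citsensorservice_xiaomi_default input_device:chr_file r_file_perms;` would be enough; the page does not show whether it writes, so this should be checked against the denials that motivated the rule. The `fd *` rules here, and the same pattern in the hal_graphics_composer and sensorcommunicate hunks, are better written as `fd use` so the grant is explicit rather than a wildcard. The single-permission `binder transfer` and `binder call` lines repeat what the `{ call transfer }` lines beside them already allow, in this hunk and in the sensorcommunicate one. `vndbinder_use(vendor_hal_citsensorservice_xiaomi)` is applied to the HAL attribute while the service registers through `add_hwservice`, so it is worth confirming whether `hwbinder_use(vendor_hal_citsensorservice_xiaomi_default)` was intended, as the sensorcommunicate policy does.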

1
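--- a/sepolicy/vendor/hal_display_config.te
+++ b/sepolicy/vendor/hal_display_config.te
@@ -0,0 +1 @@
+allow vendor_hal_display_config_hwservice vendor_hal_citsensorservice_xiaomi_default:binder transfer;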
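Review bot: The source of this rule, `vendor_hal_display_config_hwservice`, looks from its name like an hwservice_manager object label rather than a process domain (its declaration is not part of this commit), and a rule whose source type no process runs as grants nothing. The citsensorservice policy uses the same type as a `binder` and `fd` target, which would be equally inert. If the intent is to let the display config HAL exchange binder references with the sensor service, the rule should name the domain or server attribute that hosts that HAL instead.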


@@ -0,0 +1,5 @@
allow hal_graphics_composer vendor_hal_citsensorservice_xiaomi_default:binder transfer;
allow hal_graphics_composer vendor_hal_citsensorservice_xiaomi_hwservice:hwservice_manager find;
allow hal_graphics_composer_default vendor_hal_citsensorservice_xiaomi_default:binder call;
allow hal_graphics_composer_default vendor_hal_citsensorservice_xiaomi_default:binder { call transfer };
allow hal_graphics_composer_default vendor_hal_citsensorservice_xiaomi_default:fd *;
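Review bot: The first two rules are written against the `hal_graphics_composer` attribute while the remaining three target `hal_graphics_composer_default`, so the `transfer` and hwservice `find` grants extend to every domain that carries the attribute. If only the default composer service talks to the sensor service, using `hal_graphics_composer_default` throughout keeps the grant to that one domain. The `binder call` rule is fully contained in the `{ call transfer }` rule on the next line and can be dropped. A one-line comment such as `# Composer queries the CIT sensor service` (wording to be confirmed by the author) would make the reason for this cross-HAL access auditable.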


@@ -0,0 +1,24 @@
type vendor_hal_sensorcommunicate_default, domain;
type vendor_hal_sensorcommunicate_default_exec, exec_type, file_type, vendor_file_type;
type vendor_hal_sensorcommunicate_hwservice, hwservice_manager_type;
allow vendor_hal_sensorcommunicate_client vendor_hal_sensorcommunicate_server:binder { call transfer };
allow vendor_hal_sensorcommunicate_client vendor_hal_sensorcommunicate_server:binder transfer;
allow vendor_hal_sensorcommunicate_client vendor_hal_sensorcommunicate_server:fd *;
allow vendor_hal_sensorcommunicate_client vendor_hal_sensorcommunicate_hwservice:hwservice_manager find;
allow vendor_hal_sensorcommunicate_server vendor_hal_sensorcommunicate_client:binder transfer;
allow vendor_hal_sensorcommunicate_server vendor_hal_sensorcommunicate_client:binder { call transfer };
allow vendor_hal_sensorcommunicate_server vendor_hal_sensorcommunicate_client:fd *;
allow vendor_hal_sensorcommunicate_default fwk_sensor_hwservice:hwservice_manager find;
allow vendor_hal_sensorcommunicate_default vendor_hal_citsensorservice_xiaomi_hwservice:hwservice_manager find;
allow vendor_hal_sensorcommunicate_default system_server:binder call;
allow vendor_hal_sensorcommunicate_default system_server:binder transfer;
allow vendor_hal_sensorcommunicate_default vendor_hal_citsensorservice_xiaomi_default:binder call;
allow vendor_hal_sensorcommunicate_default vendor_hal_citsensorservice_xiaomi_default:binder transfer;
allow vendor_hal_sensorcommunicate_default mnt_vendor_file:dir search;
allow vendor_hal_sensorcommunicate_default vendor_persist_sensors_file:dir search;
allow vendor_hal_sensorcommunicate_default vendor_persist_sensors_file:file { getattr open read };
init_daemon_domain(vendor_hal_sensorcommunicate_default)
hwbinder_use(vendor_hal_sensorcommunicate_default)
hal_server_domain(vendor_hal_sensorcommunicate_default, vendor_hal_sensorcommunicate)
add_hwservice(vendor_hal_sensorcommunicate_server, vendor_hal_sensorcommunicate_hwservice)

3
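--- a/sepolicy/vendor/hwservice_contexts
+++ b/sepolicy/vendor/hwservice_contexts
@@ -0,0 +1,3 @@
+# Sensors
+vendor.xiaomi.sensor.citsensorservice::ICitSensorService u:object_r:vendor_hal_citsensorservice_xiaomi_hwservice:s0
+vendor.xiaomi.sensor.communicate::ISensorCommunicate u:object_r:vendor_hal_sensorcommunicate_hwservice:s0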

6
sepolicy/vendor/property.te vendored Normal file

@@ -0,0 +1,6 @@
# Displayfeature
vendor_public_prop(vendor_displayfeature_prop)
# Sensors
vendor_public_prop(vendor_cct_prop)
vendor_public_prop(vendor_parsedalgo_prop)
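Review bot: All three properties are declared with `vendor_public_prop`, which places them in the set that non-vendor domains may be granted access to, yet the only accessors in this commit are the `get_prop`/`set_prop` calls in the citsensorservice domain. If nothing outside vendor reads them, `vendor_internal_prop(vendor_cct_prop)` and the same for the other two would state that and keep later policy from opening them up unnoticed. `vendor_displayfeature_prop` is declared here but has no property_contexts entry in this commit, so it is presumably labelled elsewhere.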

3
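--- a/sepolicy/vendor/property_contexts
+++ b/sepolicy/vendor/property_contexts
@@ -0,0 +1,3 @@
+# Sensors
+persist.vendor.sensors.parsedalgo. u:object_r:vendor_parsedalgo_prop:s0
+persist.vendor.trigger.cct u:object_r:vendor_cct_prop:s0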
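Review bot: `persist.vendor.trigger.cct` has no match-type field, so it is treated as a prefix and also labels any longer key that starts with the same string. Because the sensor HAL holds `set_prop` on `vendor_cct_prop` and the key is persistent, an exact entry pins the label to the one key: `persist.vendor.trigger.cct u:object_r:vendor_cct_prop:s0 exact <value-type>`. The value type is not visible on this page, so `<value-type>` is a placeholder for the author to fill in.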

3
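--- a/sepolicy/vendor/system_server.te
+++ b/sepolicy/vendor/system_server.te
@@ -0,0 +1,3 @@
+# Sensors
+allow system_server vendor_hal_citsensorservice_xiaomi_default:binder { call transfer };
+allow system_server vendor_hal_sensorcommunicate_default:binder { call transfer };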