sm8350-common: sepolicy: Add mlipay rules
Change-Id: I1023e481d49ed5ec0ae15a513c65133987d6f556
This commit is contained in:
Erfan Abdi
Arian
parent
5d25df15c4
commit
7055015a16
3
sepolicy/public/attributes
Normal file
3
sepolicy/public/attributes
Normal file
@ -0,0 +1,3 @@
|
||||
attribute hal_mlipay;
|
||||
attribute hal_mlipay_client;
|
||||
attribute hal_mlipay_server;
|
||||
1
sepolicy/vendor/app.te
vendored
Normal file
1
sepolicy/vendor/app.te
vendored
Normal file
@ -0,0 +1 @@
|
||||
get_prop({ appdomain -isolated_app }, mlipay_prop)
|
||||
3
sepolicy/vendor/file_contexts
vendored
3
sepolicy/vendor/file_contexts
vendored
@ -14,6 +14,9 @@
|
||||
# IR
|
||||
/dev/ir_spi u:object_r:ir_spi_device:s0
|
||||
|
||||
# Mlipay
|
||||
/(vendor|system/vendor)/bin/mlipayd@1.1 u:object_r:hal_mlipay_default_exec:s0
|
||||
|
||||
# Power
|
||||
/sys/devices/virtual/touch/tp_dev/double_tap u:object_r:vendor_sysfs_double_tap:s0
|
||||
|
||||
|
||||
25
sepolicy/vendor/hal_mlipay.te
vendored
Normal file
25
sepolicy/vendor/hal_mlipay.te
vendored
Normal file
@ -0,0 +1,25 @@
|
||||
type hal_mlipay_hwservice, hwservice_manager_type;
|
||||
|
||||
type hal_mlipay_default, domain;
|
||||
hal_server_domain(hal_mlipay_default, hal_mlipay)
|
||||
|
||||
type hal_mlipay_default_exec, exec_type, vendor_file_type, file_type;
|
||||
init_daemon_domain(hal_mlipay_default)
|
||||
|
||||
type mlipay_prop, property_type;
|
||||
|
||||
# Allow hwbinder call from hal client to server
|
||||
binder_call(hal_mlipay_client, hal_mlipay_server)
|
||||
|
||||
# Add hwservice related rules
|
||||
add_hwservice(hal_mlipay_server, hal_mlipay_hwservice)
|
||||
allow hal_mlipay_client hal_mlipay_hwservice:hwservice_manager find;
|
||||
|
||||
allow hal_mlipay_default tee_device:chr_file rw_file_perms;
|
||||
allow hal_mlipay_default ion_device:chr_file r_file_perms;
|
||||
|
||||
r_dir_file(hal_mlipay_default, firmware_file)
|
||||
set_prop(hal_mlipay_default, mlipay_prop);
|
||||
|
||||
get_prop(hal_mlipay_default, vendor_fp_prop)
|
||||
get_prop(hal_mlipay_default, vendor_fp_info_prop)
|
||||
3
sepolicy/vendor/hwservice_contexts
vendored
3
sepolicy/vendor/hwservice_contexts
vendored
@ -7,3 +7,6 @@ com.fingerprints.extension::IFingerprintNavigation
|
||||
com.fingerprints.extension::IFingerprintSensorTest u:object_r:vendor_hal_fingerprint_hwservice_xiaomi:s0
|
||||
com.fingerprints.extension::IFingerprintCalibration u:object_r:vendor_hal_fingerprint_hwservice_xiaomi:s0
|
||||
com.fingerprints.extension::IFingerprintOptical u:object_r:vendor_hal_fingerprint_hwservice_xiaomi:s0
|
||||
|
||||
# Mlipay
|
||||
vendor.xiaomi.hardware.mlipay::IMlipayService u:object_r:hal_mlipay_hwservice:s0
|
||||
|
||||
4
sepolicy/vendor/property_contexts
vendored
4
sepolicy/vendor/property_contexts
vendored
@ -9,3 +9,7 @@ persist.vendor.sys.fp.uid u:object_r:vendor_fp_info_prop:s0
|
||||
|
||||
# SPU
|
||||
persist.vendor.security.spuari. u:object_r:vendor_security_spuari_prop:s0
|
||||
|
||||
# Mlipay
|
||||
persist.vendor.sys.pay. u:object_r:mlipay_prop:s0
|
||||
persist.vendor.sys.provision.status u:object_r:mlipay_prop:s0
|
||||
|
||||
Loading…
Reference in New Issue
Block a user