NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[ALPS03988168] mdp hidl-device/sepolicy

Browse Source 
mdp_copybit hidl-device/sepolicy

MTK-Commit-Id: 78b6aa3c250b7acab7c541bb34c6f87afdedb82e

Change-Id: Iebb0221c77ccbf8973dc7133ba350c078e907950
CR-Id: ALPS03988168
Feature: [Module]MDP Driver
This commit is contained in:
Howard Ho 2020-01-18 10:06:46 +08:00 committed by Cheng-Wei Lee
parent fd3d83feb7
commit 48dab28731
6 changed files with 49 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
non_plat/attributes
View File

@ -64,3 +64,8 @@ attribute mtk_hal_em;
attribute mtk_hal_em_client; attribute mtk_hal_em_client;
attribute mtk_hal_em_server; attribute mtk_hal_em_server;
# Date: 2018/07/02
# MDP HIDL
attribute hal_mms;
attribute hal_mms_client;
attribute hal_mms_server;

2
non_plat/file_contexts
View File

@ -560,6 +560,8 @@
#PQ hal #PQ hal
/(system\/vendor|vendor)/bin/hw/vendor\.mediatek\.hardware\.pq@2\.2-service u:object_r:mtk_hal_pq_exec:s0 /(system\/vendor|vendor)/bin/hw/vendor\.mediatek\.hardware\.pq@2\.2-service u:object_r:mtk_hal_pq_exec:s0
#MMS hal
/(system\/vendor|vendor)/bin/hw/vendor\.mediatek\.hardware\.mms@1\.0-service u:object_r:mtk_hal_mms_exec:s0
# Keymaster Attestation Hal # Keymaster Attestation Hal
/(system\/vendor|vendor)/bin/hw/vendor\.mediatek\.hardware\.keymaster_attestation@1\.1-service u:object_r:hal_keymaster_attestation_exec:s0 /(system\/vendor|vendor)/bin/hw/vendor\.mediatek\.hardware\.keymaster_attestation@1\.1-service u:object_r:hal_keymaster_attestation_exec:s0
#ST NFC 1.1 hidl service #ST NFC 1.1 hidl service

6
non_plat/hal_mms.te Executable file
View File

@ -0,0 +1,6 @@
# HwBinder IPC from clients into server, and callbacks
binder_call(hal_mms_client, hal_mms_server)
binder_call(hal_mms_server, hal_mms_client)
# give permission for hal client
allow hal_mms_client mtk_hal_mms_hwservice :hwservice_manager find;

4
non_plat/hwservice.te
View File

@ -42,3 +42,7 @@ type mtk_hal_log_hwservice, hwservice_manager_type;
# Date: 2018/06/26 # Date: 2018/06/26
# em hidl # em hidl
type mtk_hal_em_hwservice, hwservice_manager_type; type mtk_hal_em_hwservice, hwservice_manager_type;
# Date: 2018/07/02
# MMS HIDL
type mtk_hal_mms_hwservice, hwservice_manager_type;

4
non_plat/hwservice_contexts
View File

@ -48,3 +48,7 @@ vendor.mediatek.hardware.log::ILog u:object_r:mtk_hal_log_hwservice:s0
# Date: 2018/06/26 # Date: 2018/06/26
# em hidl # em hidl
vendor.mediatek.hardware.engineermode::IEmd u:object_r:mtk_hal_em_hwservice:s0 vendor.mediatek.hardware.engineermode::IEmd u:object_r:mtk_hal_em_hwservice:s0
# Date : 2018/07/02
# MMS HIDL
vendor.mediatek.hardware.mms::IMms u:object_r:mtk_hal_mms_hwservice:s0

28
non_plat/mtk_hal_mms.te Executable file
View File

@ -0,0 +1,28 @@
# ==============================================
# Policy File of /vendor/bin/hw/vendor.mediatek.hardware.mms@1.0-service Executable File
# ==============================================
# Type Declaration
# ==============================================
type mtk_hal_mms, domain;
type mtk_hal_mms_exec, exec_type, file_type, vendor_file_type;
# ==============================================
# MTK Policy Rule
# ==============================================
# Setup for domain transition
init_daemon_domain(mtk_hal_mms)
# Allow to use HWBinder IPC
hwbinder_use(mtk_hal_mms);
# Allow a set of permissions required for a domain to be a server which provides a HAL implementation over HWBinder.
hal_server_domain(mtk_hal_mms, hal_mms)
# add/find permission rule to hwservicemanager
add_hwservice(hal_mms_server, mtk_hal_mms_hwservice)
# Purpose : Allow to use kernel driver
allow mtk_hal_mms graphics_device:chr_file { read write open ioctl };