mirror of
https://github.com/PixelExperience-Devices/device_xiaomi_sm6250-common.git
synced 2025-08-03 23:16:37 +09:00
9b4ea92198
sm6250-common: Label Light & Perf HALs sm6250-common: Add Sensor Service to Manifest sm6250-common: Disable APEXes sm6250-common: Revert "Introduce 'SafailNet'" sm6250-common: Address FP HAL Denials sm6250-common: Merge Erfan Fingerprint Sepolicy Co-authored-by: Erfan Abdi <erfangplus@gmail.com> Co-authored-by: Volodymyr Zhdanov <wight554@gmail.com> Co-authored-by: Cosmin Tanislav <demonsingur@gmail.com>
27 lines
1.2 KiB
Plaintext
27 lines
1.2 KiB
Plaintext
hal_server_domain(hal_fingerprint_default, hal_fingerprint)
|
|
init_daemon_domain(hal_fingerprint_default)
|
|
|
|
# access to /data/system/users/[0-9]+/fpdata
|
|
allow hal_fingerprint_default fingerprintd_data_file:dir rw_dir_perms;
|
|
allow hal_fingerprint_default fingerprintd_data_file:file create_file_perms;
|
|
allow hal_fingerprint_default self:netlink_socket create_socket_perms_no_ioctl;
|
|
allow hal_fingerprint_default vendor_hal_perf_hwservice:hwservice_manager find;
|
|
allow hal_fingerprint_default vendor_sysfs_fps_attr:file { open read write };
|
|
allow hal_fingerprint_default property_socket:sock_file write;
|
|
allow hal_fingerprint_default init:unix_stream_socket connectto;
|
|
|
|
allow hal_fingerprint_default {
|
|
fingerprint_device
|
|
tee_device
|
|
uhid_device
|
|
}:chr_file rw_file_perms;
|
|
|
|
# TODO(b/36644492): Remove data_between_core_and_vendor_violators once
|
|
# hal_fingerprint no longer directly accesses fingerprintd_data_file.
|
|
typeattribute hal_fingerprint_default data_between_core_and_vendor_violators;
|
|
binder_call(hal_fingerprint_default, hal_perf_default)
|
|
r_dir_file(hal_fingerprint_default, firmware_file)
|
|
set_prop(hal_fingerprint_default, hal_fingerprint_prop)
|
|
dontaudit hal_fingerprint_default storage_file:dir search;
|
|
|