Merge commit 'cm-13.0-mainline' into cm-13.0-ZNH2K

author: Ricardo Cerqueira <ricardo@cyngn.com> 2016-06-17 13:50:40 +0100
committer: Ricardo Cerqueira <ricardo@cyngn.com> 2016-06-17 13:50:40 +0100
commit: 18714b38de25978b88955352d8850d945d28e07b (patch)
tree: 0975f7a955337483223cb2a69a036010a87d1532
parent: 22f764212ccca6092f285304893f3528e71dad5d (diff)
parent: 928ccfefbbc7708a6b74cae48aac092c976ac2fe (diff)
download: android_device_qcom_sepolicy-18714b38de25978b88955352d8850d945d28e07b.tar.gz
android_device_qcom_sepolicy-18714b38de25978b88955352d8850d945d28e07b.tar.bz2
android_device_qcom_sepolicy-18714b38de25978b88955352d8850d945d28e07b.zip
25 files changed, 162 insertions, 12 deletions
diff --git a/common/bootanim.te b/common/bootanim.te
new file mode 100644
index 00000000..9a6355a4
--- /dev/null
+++ b/common/bootanim.te
@@ -0,0 +1,30 @@
+# Copyright (c) 2016, The Linux Foundation. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#     * Redistributions of source code must retain the above copyright
+#       notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+#       copyright notice, this list of conditions and the following
+#       disclaimer in the documentation and/or other materials provided
+#       with the distribution.
+#     * Neither the name of The Linux Foundation nor the names of its
+#       contributors may be used to endorse or promote products derived
+#       from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
+# ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
+# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+# allow bootanim to binder mediaserver
+binder_call(bootanim, mediaserver);
+allow bootanim mediaserver_service:service_manager find;
diff --git a/common/file.te b/common/file.te
index 4c1469b7..ff65b5b2 100644
--- a/common/file.te
+++ b/common/file.te
@@ -79,6 +79,9 @@ type sysfs_cpu_online, fs_type, sysfs_type;
 type mpctl_socket, file_type, mlstrustedobject;
 type mpctl_data_file, file_type, data_file_type;
 
+#define the files writer during the operation of app state changes
+type gamed_socket, file_type;
+
 #define the files writter during the operatio of iop
 type iop_socket, file_type;
 type iop_data_file, file_type, data_file_type;
@@ -143,6 +146,7 @@ type persist_usf_file, file_type;
 
 #qfp-daemon
 type qfp-daemon_data_file, file_type, data_file_type;
+type persist_qc_senseid_file, file_type;
 
 # dts notifier files
 type dts_data_file, file_type, data_file_type;
@@ -174,3 +178,6 @@ type qtitetherservice_app_data_file, file_type, data_file_type;
 
 # Boot KPI Marker files
 type sys_bootkpi, sysfs_type, file_type;
+
+# /data/system/swap/swapfile - swapfile
+type swap_data_file, file_type, data_file_type;
diff --git a/common/file_contexts b/common/file_contexts
index 2f428e58..e18e6094 100644
--- a/common/file_contexts
+++ b/common/file_contexts
@@ -96,6 +96,8 @@
 /dev/socket/ims_datad                           u:object_r:ims_socket:s0
 /dev/socket/ims_rtpd                            u:object_r:ims_socket:s0
 /dev/socket/perfd(/.*)?                         u:object_r:mpctl_socket:s0
+/dev/socket/perfd                               u:object_r:mpctl_socket:s0
+/dev/socket/gamed                               u:object_r:gamed_socket:s0
 /dev/socket/qlogd                               u:object_r:qlogd_socket:s0
 /dev/socket/ipacm_log_file                      u:object_r:ipacm_socket:s0
 /dev/socket/dpmd                                u:object_r:dpmd_socket:s0
@@ -136,6 +138,8 @@
 /system/bin/mmi                                 u:object_r:mmi_exec:s0
 /system/bin/mpdecision                          u:object_r:mpdecision_exec:s0
 /system/vendor/bin/perfd                        u:object_r:perfd_exec:s0
+/data/misc/perfd(/.*)?                          u:object_r:mpctl_socket:s0
+/system/vendor/bin/gamed                        u:object_r:gamed_exec:s0
 /system/bin/iop                                 u:object_r:dumpstate_exec:s0
 /system/bin/msm_irqbalance                      u:object_r:msm_irqbalanced_exec:s0
 /system/bin/imsdatadaemon                       u:object_r:ims_exec:s0
@@ -281,7 +285,6 @@
 /data/time(/.*)?                                                    u:object_r:time_data_file:s0
 /data/nfc(/.*)?                                                     u:object_r:nfc_data_file:s0
 /data/system/perfd(/.*)?                                            u:object_r:mpctl_data_file:s0
-/data/misc/perfd(/.*)?                                              u:object_r:mpctl_socket:s0
 /data/misc/iop(/.*)?                                                u:object_r:iop_data_file:s0
 /data/misc/iop/iop                                                  u:object_r:iop_socket:s0
 /data/misc/display(/.*)?                                            u:object_r:display_misc_file:s0
@@ -304,6 +307,7 @@
 /data/misc/audio_pp(/.*)?                                           u:object_r:audio_pp_data_file:s0
 /data/ramdump(/.*)?                                                 u:object_r:ssr_ramdump_data_file:s0
 /data/misc/SelfHost/socket(/.*)?                                    u:object_r:RIDL_socket:s0
+/data/system/swap(/.*)?                                             u:object_r:swap_data_file:s0
 
 ###################################
 # persist files
@@ -315,6 +319,7 @@
 /persist/data(/.*)?                                                 u:object_r:persist_drm_file:s0
 /persist/data/tz(/.*)?                                              u:object_r:persist_drm_file:s0
 /persist/data/sfs(/.*)?                                             u:object_r:persist_drm_file:s0
+/persist/qc_senseid(/.*)?                                           u:object_r:persist_qc_senseid_file:s0
 /persist/usf(/.*)?                                                  u:object_r:persist_usf_file:s0
 /persist/hlos_rfs(/.*)?                                             u:object_r:rfs_shared_hlos_file:s0
 /persist/display(/.*)?                                              u:object_r:persist_display_file:s0
diff --git a/common/gamed.te b/common/gamed.te
new file mode 100755
index 00000000..2d2cac63
--- /dev/null
+++ b/common/gamed.te
@@ -0,0 +1,35 @@
+# Copyright (c) 2016, The Linux Foundation. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#     * Redistributions of source code must retain the above copyright
+#       notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+#       copyright notice, this list of conditions and the following
+#       disclaimer in the documentation and/or other materials provided
+#       with the distribution.
+#     * Neither the name of The Linux Foundation nor the names of its
+#       contributors may be used to endorse or promote products derived
+#       from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
+# ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
+# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+# GAMED
+
+type gamed, domain;
+type gamed_exec, exec_type, file_type;
+
+init_daemon_domain(gamed)
+
+unix_socket_connect(gamed, mpctl, perfd)
diff --git a/common/healthd.te b/common/healthd.te
index 3212afa4..7c1b19a1 100644
--- a/common/healthd.te
+++ b/common/healthd.te
@@ -2,4 +2,6 @@ r_dir_file(healthd, sysfs_battery_supply)
 r_dir_file(healthd, sysfs_usb_supply)
 r_dir_file(healthd, sysfs_thermal);
 allow healthd alarm_device:chr_file rw_file_perms;
+
+#allow healthd read rtc device file
 allow healthd rtc_device:chr_file r_file_perms;
diff --git a/common/hostapd.te b/common/hostapd.te
index a6272509..f23418bf 100644
--- a/common/hostapd.te
+++ b/common/hostapd.te
@@ -43,3 +43,5 @@ allow hostapd cnd:fifo_file r_file_perms;
 allow hostapd smem_log_device:chr_file rw_file_perms;
 allow hostapd fstman:unix_dgram_socket sendto;
 unix_socket_send(hostapd, wpa, netd)
+allow hostapd netd:unix_dgram_socket sendto;
+allow hostapd wpa_socket:sock_file write;
diff --git a/common/init_shell.te b/common/init_shell.te
index 36e18462..ca8bcbdf 100644
--- a/common/init_shell.te
+++ b/common/init_shell.te
@@ -45,6 +45,7 @@ allow qti_init_shell self:capability {
     fsetid
     dac_override
     dac_read_search
+    sys_admin
 };
 
 # For  property starting with hw
@@ -59,6 +60,7 @@ allow qti_init_shell {
     system_prop
     freq_prop
     perfd_prop
+    gamed_prop
     mpdecision_prop
     bluetooth_prop
     config_prop
@@ -80,6 +82,7 @@ allow qti_init_shell {
     qemu_hw_mainkeys_prop
     alarm_boot_prop
     boot_animation_prop
+    debug_gralloc_prop
     # Needed for starting console in userdebug mode
     userdebug_or_eng(`ctl_console_prop coresight_prop')
     rmnet_mux_prop
@@ -153,3 +156,11 @@ allow qti_init_shell cgroup:dir add_name;
 
 # To allow copy for mbn files
 r_dir_file(qti_init_shell, firmware_file)
+
+# /dev/block/zram0
+allow qti_init_shell block_device:dir r_dir_perms;
+allow qti_init_shell swap_block_device:blk_file rw_file_perms;
+
+# /data/system/swap/swapfile
+allow qti_init_shell swap_data_file:dir rw_dir_perms;
+allow qti_init_shell swap_data_file:file create_file_perms;
diff --git a/common/mediaserver.te b/common/mediaserver.te
index 442edc4a..6eae758b 100644
--- a/common/mediaserver.te
+++ b/common/mediaserver.te
@@ -68,6 +68,9 @@ r_dir_file(mediaserver, adsprpcd_file);
 #Allow mediaserver to connect to unix sockets for staproxy service
 allow mediaserver system_app:unix_stream_socket { connectto read write setopt };
 
+# allow mediaserver to communicate with bootanim
+binder_call(mediaserver, bootanim);
+
 #Allow mediaserver to access service manager STAProxyService
 #Allow mediaserver to access service manager wfdservice
 allow mediaserver { STAProxyService wfdservice_service }:service_manager find;
diff --git a/common/mm-qcamerad.te b/common/mm-qcamerad.te
index e7d2737d..7bc5dfe6 100644
--- a/common/mm-qcamerad.te
+++ b/common/mm-qcamerad.te
@@ -60,6 +60,8 @@ allow mm-qcamerad graphics_device:dir r_dir_perms;
 type_transition mm-qcamerad system_data_file:file camera_data_file "fdAlbum";
 allow mm-qcamerad camera_data_file:file create_file_perms;
 
+allow mm-qcamerad graphics_device:dir r_dir_perms;
+
 #Allow access to /dev/graphics/fb* for screen capture
 allow mm-qcamerad graphics_device:chr_file rw_file_perms;
 unix_socket_connect(mm-qcamerad, property, init)
diff --git a/common/net.te b/common/net.te
index e5e3df03..fc39608c 100644
--- a/common/net.te
+++ b/common/net.te
@@ -4,3 +4,12 @@ unix_socket_connect(netdomain, cnd, cnd)
 # allow netdomain access to dpmd
 unix_socket_connect(netdomain, dpmwrapper, dpmd)
 
+allow netd self:capability fsetid;
+allow netd hostapd:unix_dgram_socket sendto;
+
+# Allow netd to chmod dir /data/misc/dhcp
+allow netd dhcp_data_file:dir create_dir_perms;
+
+type_transition netd wifi_data_file:dir wpa_socket "sockets";
+allow netd wpa_socket:dir create_dir_perms;
+allow netd wpa_socket:sock_file create_file_perms;
diff --git a/common/netd.te b/common/netd.te
index 9e067dd7..680d499a 100644
--- a/common/netd.te
+++ b/common/netd.te
@@ -19,13 +19,3 @@ allow netd ipacm_data_file:file r_file_perms;
 # needed for netd to start FST Manager via system property
 allow netd netd_prop:property_service set;
 allow netd qtitetherservices_service:service_manager find;
-
-allow netd self:capability fsetid;
-allow netd hostapd:unix_dgram_socket sendto;
-
-# Allow netd to chmod dir /data/misc/dhcp
-allow netd dhcp_data_file:dir create_dir_perms;
-
-type_transition netd wifi_data_file:dir wpa_socket "sockets";
-allow netd wpa_socket:dir create_dir_perms;
-allow netd wpa_socket:sock_file create_file_perms;
diff --git a/common/netmgrd.te b/common/netmgrd.te
index 54281932..92c69de0 100644
--- a/common/netmgrd.te
+++ b/common/netmgrd.te
@@ -45,6 +45,8 @@ allow netmgrd { proc_net sysfs }:file w_file_perms;
 #Allow setting of DNS and GW Android properties
 allow netmgrd { system_prop net_radio_prop }:property_service set;
 
+allow netmgrd xlat_prop:property_service set;
+
 #Allow execution of commands in shell
 allow netmgrd system_file:file x_file_perms;
 
diff --git a/common/perfd.te b/common/perfd.te
index f5bda91f..0cec6b7c 100644
--- a/common/perfd.te
+++ b/common/perfd.te
@@ -16,6 +16,7 @@ allow perfd self:{ netlink_kobject_uevent_socket socket} create_socket_perms;
 # mpctl socket
 allow perfd mpctl_socket:dir rw_dir_perms;
 allow perfd mpctl_socket:sock_file create_file_perms;
+allow perfd mpctl_socket:sock_file rw_file_perms;
 
 # default_values file
 allow perfd mpctl_data_file:dir rw_dir_perms;
@@ -39,3 +40,14 @@ unix_socket_connect(perfd, thermal, thermal-engine);
 
 # Access device nodes inside /dev/cpuctl
 allow perfd cpuctl_device:chr_file rw_file_perms;
+
+# Allow perfd to send signull
+allow perfd {
+    system_server
+    system_app
+    wfdservice
+    mediaserver
+    thermal-engine
+    surfaceflinger
+    appdomain
+}:process signull;
diff --git a/common/property.te b/common/property.te
index 996c61e6..d89ea774 100644
--- a/common/property.te
+++ b/common/property.te
@@ -21,6 +21,10 @@ type sf_lcd_density_prop, property_type;
 type opengles_prop, property_type;
 type mdm_helper_prop, property_type;
 type mpdecision_prop, property_type;
+type gamed_prop, property_type;
+
+#Needed for  ubwc support
+type debug_gralloc_prop, property_type;
 
 type fm_prop, property_type;
 type chgdiabled_prop, property_type;
@@ -28,6 +32,8 @@ type chgdiabled_prop, property_type;
 #properites for netd
 type netd_prop, property_type;
 
+type xlat_prop, property_type;
+
 # property for location
 type location_prop, property_type;
 
diff --git a/common/property_contexts b/common/property_contexts
index f3e41fa5..b33b0a7c 100644
--- a/common/property_contexts
+++ b/common/property_contexts
@@ -13,6 +13,7 @@ ctl.port-bridge            u:object_r:ctl_port-bridge_prop:s0
 min_freq_0                 u:object_r:freq_prop:s0
 min_freq_4                 u:object_r:freq_prop:s0
 ctl.perfd                  u:object_r:perfd_prop:s0
+ctl.gamed                  u:object_r:gamed_prop:s0
 ctl.iop                    u:object_r:perfd_prop:s0
 ctl.vm_bms                 u:object_r:vm_bms_prop:s0
 qualcomm.bluetooth.        u:object_r:bluetooth_prop:s0
@@ -41,3 +42,5 @@ sys.audio.init             u:object_r:audio_prop:s0
 alarm_boot                 u:object_r:alarm_boot_prop:s0
 debug.sf.nobootanimation   u:object_r:boot_animation_prop:s0
 radio.noril                u:object_r:radio_noril_prop:s0
+debug.gralloc.             u:object_r:debug_gralloc_prop:s0
+persist.net.doxlat         u:object_r:xlat_prop:s0
diff --git a/common/qfp-daemon.te b/common/qfp-daemon.te
index 5d2d7a4b..b154c54d 100644
--- a/common/qfp-daemon.te
+++ b/common/qfp-daemon.te
@@ -55,6 +55,10 @@ allow qfp-daemon qbt1000_device:chr_file rw_file_perms;
 # R dir perms for firmware dir
 r_dir_file(qfp-daemon, firmware_file)
 
+# R dir perms for persist qc_senseid dir
+r_dir_file(qfp-daemon, persist_file)
+r_dir_file(qfp-daemon, persist_qc_senseid_file)
+
 # Allow qfp daemon access to system server
 binder_call(qfp-daemon, system_server);
 
diff --git a/common/qsee_svc_app.te b/common/qsee_svc_app.te
index fd57768c..4ff94df6 100644
--- a/common/qsee_svc_app.te
+++ b/common/qsee_svc_app.te
@@ -35,3 +35,7 @@ binder_call(qsee_svc_app, qseeproxy)
 # file permission
 allow qsee_svc_app qsee_svc_app_data_file:dir create_dir_perms;
 allow qsee_svc_app qsee_svc_app_data_file:file create_file_perms;
+
+# allow service manager find
+allow qsee_svc_app { app_api_service system_api_service
+ fidodaemon_service qseeproxy_service }:service_manager find;
diff --git a/common/qseecomd.te b/common/qseecomd.te
index 2140c583..d09057ae 100644
--- a/common/qseecomd.te
+++ b/common/qseecomd.te
@@ -70,6 +70,8 @@ allow tee system_prop:property_service set;
 #allow access to qfp-daemon
 allow tee qfp-daemon_data_file:dir create_dir_perms;
 allow tee qfp-daemon_data_file:file create_file_perms;
+allow tee persist_qc_senseid_file:dir create_dir_perms;
+allow tee persist_qc_senseid_file:file create_file_perms;
 
 #allow access to fingerprintd data file
 allow tee fingerprintd_data_file:dir create_dir_perms;
diff --git a/common/qseeproxy.te b/common/qseeproxy.te
index 826f25cb..f3385bf3 100644
--- a/common/qseeproxy.te
+++ b/common/qseeproxy.te
@@ -59,3 +59,9 @@ allow qseeproxy firmware_file:file r_file_perms;
 #Allow access to session files
 allow qseeproxy data_qsee_file:dir create_dir_perms;
 allow qseeproxy data_qsee_file:file create_file_perms ;
+
+#Allow access to system_app domain
+allow qseeproxy system_app:unix_dgram_socket sendto;
+
+#Allow access to sysfs files
+allow qseeproxy sysfs:file w_file_perms;
diff --git a/common/service_contexts b/common/service_contexts
index c57eab7e..3e495ec8 100644
--- a/common/service_contexts
+++ b/common/service_contexts
@@ -14,6 +14,8 @@ qti.ims.connectionmanagerservice               u:object_r:imscm_service:s0
 com.qti.snapdragon.sdk.display.IColorService   u:object_r:color_service:s0
 improveTouch.TouchService                      u:object_r:improve_touch_service:s0
 improveTouch.TouchManagerService               u:object_r:improve_touch_service:s0
+improveTouch.GestureManagerService             u:object_r:improve_touch_service:s0
+improveTouch.HandBiometricManagerService       u:object_r:improve_touch_service:s0
 wfdservice                                     u:object_r:wfdservice_service:s0
 DigitalPen                                     u:object_r:usf_service:s0
 dts_eagle_service                              u:object_r:dtseagleservice_service:s0
diff --git a/common/system_app.te b/common/system_app.te
index 8673d1e8..f8eef956 100644
--- a/common/system_app.te
+++ b/common/system_app.te
@@ -109,3 +109,6 @@ r_dir_file(system_app, audio_pp_data_file);
 # allow access to system app for radio files
 allow system_app radio_data_file:dir rw_dir_perms;
 allow system_app radio_data_file:file create_file_perms;
+
+# access to qseeproxy domain
+allow system_app qseeproxy:unix_dgram_socket sendto;
diff --git a/common/system_server.te b/common/system_server.te
index 4aca89f3..569e1aba 100644
--- a/common/system_server.te
+++ b/common/system_server.te
@@ -19,6 +19,9 @@ allow system_server mpctl_socket:dir r_dir_perms;
 unix_socket_send(system_server, mpctl, mpdecision)
 unix_socket_connect(system_server, mpctl, mpdecision)
 
+#access to gamed
+unix_socket_connect(system_server, gamed, gamed)
+
 allow system_server {
     # For wifistatemachine
     wbc_service
diff --git a/msm8937/file_contexts b/msm8937/file_contexts
index 13ddaeec..fae3375d 100644
--- a/msm8937/file_contexts
+++ b/msm8937/file_contexts
@@ -42,4 +42,5 @@
 /dev/block/platform/soc/7824900.sdhci/by-name/userdata              u:object_r:userdata_block_device:s0
 /dev/block/platform/soc/7824900.sdhci/by-name/dip                   u:object_r:dip_device:s0
 /dev/block/platform/soc/7824900.sdhci/by-name/mdtp                  u:object_r:mdtp_device:s0
-/dev/block/platform/soc.0/7824900.sdhci/by-name/config              u:object_r:frp_block_device:s0
+/dev/block/platform/soc/7824900.sdhci/by-name/config                u:object_r:frp_block_device:s0
+/dev/block/platform/soc/7824900.sdhci/by-name/cache                 u:object_r:cache_block_device:s0
diff --git a/test/fidotest.te b/test/fidotest.te
index e601d6dc..ed6226da 100644
--- a/test/fidotest.te
+++ b/test/fidotest.te
@@ -26,4 +26,7 @@ userdebug_or_eng(`
   # Allow access to firmware
   allow fidotest firmware_file:dir r_dir_perms;
   allow fidotest firmware_file:file r_file_perms;
+
+  # Allow service manager to find
+  allow qsee_svc_app fidotest_service:service_manager find;
 ')
diff --git a/test/qseeproxysample.te b/test/qseeproxysample.te
index 6b59bd14..9bddd750 100644
--- a/test/qseeproxysample.te
+++ b/test/qseeproxysample.te
@@ -54,4 +54,7 @@ userdebug_or_eng(`
   # Allow access to firmware
   allow qseeproxysample firmware_file:dir r_dir_perms;
   allow qseeproxysample firmware_file:file r_file_perms;
+
+  #Allow service manager to find
+  allow qsee_svc_app qseeproxysample_service:service_manager find;
 ')
author	Ricardo Cerqueira <ricardo@cyngn.com>	2016-06-17 13:50:40 +0100
committer	Ricardo Cerqueira <ricardo@cyngn.com>	2016-06-17 13:50:40 +0100
commit	18714b38de25978b88955352d8850d945d28e07b (patch)
tree	0975f7a955337483223cb2a69a036010a87d1532
parent	22f764212ccca6092f285304893f3528e71dad5d (diff)
parent	928ccfefbbc7708a6b74cae48aac092c976ac2fe (diff)
download	android_device_qcom_sepolicy-18714b38de25978b88955352d8850d945d28e07b.tar.gz android_device_qcom_sepolicy-18714b38de25978b88955352d8850d945d28e07b.tar.bz2 android_device_qcom_sepolicy-18714b38de25978b88955352d8850d945d28e07b.zip