diff options
author | Ricardo Cerqueira <ricardo@cyngn.com> | 2016-06-17 13:50:40 +0100 |
---|---|---|
committer | Ricardo Cerqueira <ricardo@cyngn.com> | 2016-06-17 13:50:40 +0100 |
commit | 18714b38de25978b88955352d8850d945d28e07b (patch) | |
tree | 0975f7a955337483223cb2a69a036010a87d1532 | |
parent | 22f764212ccca6092f285304893f3528e71dad5d (diff) | |
parent | 928ccfefbbc7708a6b74cae48aac092c976ac2fe (diff) | |
download | android_device_qcom_sepolicy-18714b38de25978b88955352d8850d945d28e07b.tar.gz android_device_qcom_sepolicy-18714b38de25978b88955352d8850d945d28e07b.tar.bz2 android_device_qcom_sepolicy-18714b38de25978b88955352d8850d945d28e07b.zip |
Merge commit 'cm-13.0-mainline' into cm-13.0-ZNH2K
-rw-r--r-- | common/bootanim.te | 30 | ||||
-rw-r--r-- | common/file.te | 7 | ||||
-rw-r--r-- | common/file_contexts | 7 | ||||
-rwxr-xr-x | common/gamed.te | 35 | ||||
-rw-r--r-- | common/healthd.te | 2 | ||||
-rw-r--r-- | common/hostapd.te | 2 | ||||
-rw-r--r-- | common/init_shell.te | 11 | ||||
-rw-r--r-- | common/mediaserver.te | 3 | ||||
-rw-r--r-- | common/mm-qcamerad.te | 2 | ||||
-rw-r--r-- | common/net.te | 9 | ||||
-rw-r--r-- | common/netd.te | 10 | ||||
-rw-r--r-- | common/netmgrd.te | 2 | ||||
-rw-r--r-- | common/perfd.te | 12 | ||||
-rw-r--r-- | common/property.te | 6 | ||||
-rw-r--r-- | common/property_contexts | 3 | ||||
-rw-r--r-- | common/qfp-daemon.te | 4 | ||||
-rw-r--r-- | common/qsee_svc_app.te | 4 | ||||
-rw-r--r-- | common/qseecomd.te | 2 | ||||
-rw-r--r-- | common/qseeproxy.te | 6 | ||||
-rw-r--r-- | common/service_contexts | 2 | ||||
-rw-r--r-- | common/system_app.te | 3 | ||||
-rw-r--r-- | common/system_server.te | 3 | ||||
-rw-r--r-- | msm8937/file_contexts | 3 | ||||
-rw-r--r-- | test/fidotest.te | 3 | ||||
-rw-r--r-- | test/qseeproxysample.te | 3 |
25 files changed, 162 insertions, 12 deletions
diff --git a/common/bootanim.te b/common/bootanim.te new file mode 100644 index 00000000..9a6355a4 --- /dev/null +++ b/common/bootanim.te @@ -0,0 +1,30 @@ +# Copyright (c) 2016, The Linux Foundation. All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are +# met: +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# * Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following +# disclaimer in the documentation and/or other materials provided +# with the distribution. +# * Neither the name of The Linux Foundation nor the names of its +# contributors may be used to endorse or promote products derived +# from this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS +# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR +# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE +# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN +# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# allow bootanim to binder mediaserver +binder_call(bootanim, mediaserver); +allow bootanim mediaserver_service:service_manager find; diff --git a/common/file.te b/common/file.te index 4c1469b7..ff65b5b2 100644 --- a/common/file.te +++ b/common/file.te @@ -79,6 +79,9 @@ type sysfs_cpu_online, fs_type, sysfs_type; type mpctl_socket, file_type, mlstrustedobject; type mpctl_data_file, file_type, data_file_type; +#define the files writer during the operation of app state changes +type gamed_socket, file_type; + #define the files writter during the operatio of iop type iop_socket, file_type; type iop_data_file, file_type, data_file_type; @@ -143,6 +146,7 @@ type persist_usf_file, file_type; #qfp-daemon type qfp-daemon_data_file, file_type, data_file_type; +type persist_qc_senseid_file, file_type; # dts notifier files type dts_data_file, file_type, data_file_type; @@ -174,3 +178,6 @@ type qtitetherservice_app_data_file, file_type, data_file_type; # Boot KPI Marker files type sys_bootkpi, sysfs_type, file_type; + +# /data/system/swap/swapfile - swapfile +type swap_data_file, file_type, data_file_type; diff --git a/common/file_contexts b/common/file_contexts index 2f428e58..e18e6094 100644 --- a/common/file_contexts +++ b/common/file_contexts @@ -96,6 +96,8 @@ /dev/socket/ims_datad u:object_r:ims_socket:s0 /dev/socket/ims_rtpd u:object_r:ims_socket:s0 /dev/socket/perfd(/.*)? u:object_r:mpctl_socket:s0 +/dev/socket/perfd u:object_r:mpctl_socket:s0 +/dev/socket/gamed u:object_r:gamed_socket:s0 /dev/socket/qlogd u:object_r:qlogd_socket:s0 /dev/socket/ipacm_log_file u:object_r:ipacm_socket:s0 /dev/socket/dpmd u:object_r:dpmd_socket:s0 @@ -136,6 +138,8 @@ /system/bin/mmi u:object_r:mmi_exec:s0 /system/bin/mpdecision u:object_r:mpdecision_exec:s0 /system/vendor/bin/perfd u:object_r:perfd_exec:s0 +/data/misc/perfd(/.*)? u:object_r:mpctl_socket:s0 +/system/vendor/bin/gamed u:object_r:gamed_exec:s0 /system/bin/iop u:object_r:dumpstate_exec:s0 /system/bin/msm_irqbalance u:object_r:msm_irqbalanced_exec:s0 /system/bin/imsdatadaemon u:object_r:ims_exec:s0 @@ -281,7 +285,6 @@ /data/time(/.*)? u:object_r:time_data_file:s0 /data/nfc(/.*)? u:object_r:nfc_data_file:s0 /data/system/perfd(/.*)? u:object_r:mpctl_data_file:s0 -/data/misc/perfd(/.*)? u:object_r:mpctl_socket:s0 /data/misc/iop(/.*)? u:object_r:iop_data_file:s0 /data/misc/iop/iop u:object_r:iop_socket:s0 /data/misc/display(/.*)? u:object_r:display_misc_file:s0 @@ -304,6 +307,7 @@ /data/misc/audio_pp(/.*)? u:object_r:audio_pp_data_file:s0 /data/ramdump(/.*)? u:object_r:ssr_ramdump_data_file:s0 /data/misc/SelfHost/socket(/.*)? u:object_r:RIDL_socket:s0 +/data/system/swap(/.*)? u:object_r:swap_data_file:s0 ################################### # persist files @@ -315,6 +319,7 @@ /persist/data(/.*)? u:object_r:persist_drm_file:s0 /persist/data/tz(/.*)? u:object_r:persist_drm_file:s0 /persist/data/sfs(/.*)? u:object_r:persist_drm_file:s0 +/persist/qc_senseid(/.*)? u:object_r:persist_qc_senseid_file:s0 /persist/usf(/.*)? u:object_r:persist_usf_file:s0 /persist/hlos_rfs(/.*)? u:object_r:rfs_shared_hlos_file:s0 /persist/display(/.*)? u:object_r:persist_display_file:s0 diff --git a/common/gamed.te b/common/gamed.te new file mode 100755 index 00000000..2d2cac63 --- /dev/null +++ b/common/gamed.te @@ -0,0 +1,35 @@ +# Copyright (c) 2016, The Linux Foundation. All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are +# met: +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# * Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following +# disclaimer in the documentation and/or other materials provided +# with the distribution. +# * Neither the name of The Linux Foundation nor the names of its +# contributors may be used to endorse or promote products derived +# from this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS +# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR +# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE +# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN +# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# GAMED + +type gamed, domain; +type gamed_exec, exec_type, file_type; + +init_daemon_domain(gamed) + +unix_socket_connect(gamed, mpctl, perfd) diff --git a/common/healthd.te b/common/healthd.te index 3212afa4..7c1b19a1 100644 --- a/common/healthd.te +++ b/common/healthd.te @@ -2,4 +2,6 @@ r_dir_file(healthd, sysfs_battery_supply) r_dir_file(healthd, sysfs_usb_supply) r_dir_file(healthd, sysfs_thermal); allow healthd alarm_device:chr_file rw_file_perms; + +#allow healthd read rtc device file allow healthd rtc_device:chr_file r_file_perms; diff --git a/common/hostapd.te b/common/hostapd.te index a6272509..f23418bf 100644 --- a/common/hostapd.te +++ b/common/hostapd.te @@ -43,3 +43,5 @@ allow hostapd cnd:fifo_file r_file_perms; allow hostapd smem_log_device:chr_file rw_file_perms; allow hostapd fstman:unix_dgram_socket sendto; unix_socket_send(hostapd, wpa, netd) +allow hostapd netd:unix_dgram_socket sendto; +allow hostapd wpa_socket:sock_file write; diff --git a/common/init_shell.te b/common/init_shell.te index 36e18462..ca8bcbdf 100644 --- a/common/init_shell.te +++ b/common/init_shell.te @@ -45,6 +45,7 @@ allow qti_init_shell self:capability { fsetid dac_override dac_read_search + sys_admin }; # For property starting with hw @@ -59,6 +60,7 @@ allow qti_init_shell { system_prop freq_prop perfd_prop + gamed_prop mpdecision_prop bluetooth_prop config_prop @@ -80,6 +82,7 @@ allow qti_init_shell { qemu_hw_mainkeys_prop alarm_boot_prop boot_animation_prop + debug_gralloc_prop # Needed for starting console in userdebug mode userdebug_or_eng(`ctl_console_prop coresight_prop') rmnet_mux_prop @@ -153,3 +156,11 @@ allow qti_init_shell cgroup:dir add_name; # To allow copy for mbn files r_dir_file(qti_init_shell, firmware_file) + +# /dev/block/zram0 +allow qti_init_shell block_device:dir r_dir_perms; +allow qti_init_shell swap_block_device:blk_file rw_file_perms; + +# /data/system/swap/swapfile +allow qti_init_shell swap_data_file:dir rw_dir_perms; +allow qti_init_shell swap_data_file:file create_file_perms; diff --git a/common/mediaserver.te b/common/mediaserver.te index 442edc4a..6eae758b 100644 --- a/common/mediaserver.te +++ b/common/mediaserver.te @@ -68,6 +68,9 @@ r_dir_file(mediaserver, adsprpcd_file); #Allow mediaserver to connect to unix sockets for staproxy service allow mediaserver system_app:unix_stream_socket { connectto read write setopt }; +# allow mediaserver to communicate with bootanim +binder_call(mediaserver, bootanim); + #Allow mediaserver to access service manager STAProxyService #Allow mediaserver to access service manager wfdservice allow mediaserver { STAProxyService wfdservice_service }:service_manager find; diff --git a/common/mm-qcamerad.te b/common/mm-qcamerad.te index e7d2737d..7bc5dfe6 100644 --- a/common/mm-qcamerad.te +++ b/common/mm-qcamerad.te @@ -60,6 +60,8 @@ allow mm-qcamerad graphics_device:dir r_dir_perms; type_transition mm-qcamerad system_data_file:file camera_data_file "fdAlbum"; allow mm-qcamerad camera_data_file:file create_file_perms; +allow mm-qcamerad graphics_device:dir r_dir_perms; + #Allow access to /dev/graphics/fb* for screen capture allow mm-qcamerad graphics_device:chr_file rw_file_perms; unix_socket_connect(mm-qcamerad, property, init) diff --git a/common/net.te b/common/net.te index e5e3df03..fc39608c 100644 --- a/common/net.te +++ b/common/net.te @@ -4,3 +4,12 @@ unix_socket_connect(netdomain, cnd, cnd) # allow netdomain access to dpmd unix_socket_connect(netdomain, dpmwrapper, dpmd) +allow netd self:capability fsetid; +allow netd hostapd:unix_dgram_socket sendto; + +# Allow netd to chmod dir /data/misc/dhcp +allow netd dhcp_data_file:dir create_dir_perms; + +type_transition netd wifi_data_file:dir wpa_socket "sockets"; +allow netd wpa_socket:dir create_dir_perms; +allow netd wpa_socket:sock_file create_file_perms; diff --git a/common/netd.te b/common/netd.te index 9e067dd7..680d499a 100644 --- a/common/netd.te +++ b/common/netd.te @@ -19,13 +19,3 @@ allow netd ipacm_data_file:file r_file_perms; # needed for netd to start FST Manager via system property allow netd netd_prop:property_service set; allow netd qtitetherservices_service:service_manager find; - -allow netd self:capability fsetid; -allow netd hostapd:unix_dgram_socket sendto; - -# Allow netd to chmod dir /data/misc/dhcp -allow netd dhcp_data_file:dir create_dir_perms; - -type_transition netd wifi_data_file:dir wpa_socket "sockets"; -allow netd wpa_socket:dir create_dir_perms; -allow netd wpa_socket:sock_file create_file_perms; diff --git a/common/netmgrd.te b/common/netmgrd.te index 54281932..92c69de0 100644 --- a/common/netmgrd.te +++ b/common/netmgrd.te @@ -45,6 +45,8 @@ allow netmgrd { proc_net sysfs }:file w_file_perms; #Allow setting of DNS and GW Android properties allow netmgrd { system_prop net_radio_prop }:property_service set; +allow netmgrd xlat_prop:property_service set; + #Allow execution of commands in shell allow netmgrd system_file:file x_file_perms; diff --git a/common/perfd.te b/common/perfd.te index f5bda91f..0cec6b7c 100644 --- a/common/perfd.te +++ b/common/perfd.te @@ -16,6 +16,7 @@ allow perfd self:{ netlink_kobject_uevent_socket socket} create_socket_perms; # mpctl socket allow perfd mpctl_socket:dir rw_dir_perms; allow perfd mpctl_socket:sock_file create_file_perms; +allow perfd mpctl_socket:sock_file rw_file_perms; # default_values file allow perfd mpctl_data_file:dir rw_dir_perms; @@ -39,3 +40,14 @@ unix_socket_connect(perfd, thermal, thermal-engine); # Access device nodes inside /dev/cpuctl allow perfd cpuctl_device:chr_file rw_file_perms; + +# Allow perfd to send signull +allow perfd { + system_server + system_app + wfdservice + mediaserver + thermal-engine + surfaceflinger + appdomain +}:process signull; diff --git a/common/property.te b/common/property.te index 996c61e6..d89ea774 100644 --- a/common/property.te +++ b/common/property.te @@ -21,6 +21,10 @@ type sf_lcd_density_prop, property_type; type opengles_prop, property_type; type mdm_helper_prop, property_type; type mpdecision_prop, property_type; +type gamed_prop, property_type; + +#Needed for ubwc support +type debug_gralloc_prop, property_type; type fm_prop, property_type; type chgdiabled_prop, property_type; @@ -28,6 +32,8 @@ type chgdiabled_prop, property_type; #properites for netd type netd_prop, property_type; +type xlat_prop, property_type; + # property for location type location_prop, property_type; diff --git a/common/property_contexts b/common/property_contexts index f3e41fa5..b33b0a7c 100644 --- a/common/property_contexts +++ b/common/property_contexts @@ -13,6 +13,7 @@ ctl.port-bridge u:object_r:ctl_port-bridge_prop:s0 min_freq_0 u:object_r:freq_prop:s0 min_freq_4 u:object_r:freq_prop:s0 ctl.perfd u:object_r:perfd_prop:s0 +ctl.gamed u:object_r:gamed_prop:s0 ctl.iop u:object_r:perfd_prop:s0 ctl.vm_bms u:object_r:vm_bms_prop:s0 qualcomm.bluetooth. u:object_r:bluetooth_prop:s0 @@ -41,3 +42,5 @@ sys.audio.init u:object_r:audio_prop:s0 alarm_boot u:object_r:alarm_boot_prop:s0 debug.sf.nobootanimation u:object_r:boot_animation_prop:s0 radio.noril u:object_r:radio_noril_prop:s0 +debug.gralloc. u:object_r:debug_gralloc_prop:s0 +persist.net.doxlat u:object_r:xlat_prop:s0 diff --git a/common/qfp-daemon.te b/common/qfp-daemon.te index 5d2d7a4b..b154c54d 100644 --- a/common/qfp-daemon.te +++ b/common/qfp-daemon.te @@ -55,6 +55,10 @@ allow qfp-daemon qbt1000_device:chr_file rw_file_perms; # R dir perms for firmware dir r_dir_file(qfp-daemon, firmware_file) +# R dir perms for persist qc_senseid dir +r_dir_file(qfp-daemon, persist_file) +r_dir_file(qfp-daemon, persist_qc_senseid_file) + # Allow qfp daemon access to system server binder_call(qfp-daemon, system_server); diff --git a/common/qsee_svc_app.te b/common/qsee_svc_app.te index fd57768c..4ff94df6 100644 --- a/common/qsee_svc_app.te +++ b/common/qsee_svc_app.te @@ -35,3 +35,7 @@ binder_call(qsee_svc_app, qseeproxy) # file permission allow qsee_svc_app qsee_svc_app_data_file:dir create_dir_perms; allow qsee_svc_app qsee_svc_app_data_file:file create_file_perms; + +# allow service manager find +allow qsee_svc_app { app_api_service system_api_service + fidodaemon_service qseeproxy_service }:service_manager find; diff --git a/common/qseecomd.te b/common/qseecomd.te index 2140c583..d09057ae 100644 --- a/common/qseecomd.te +++ b/common/qseecomd.te @@ -70,6 +70,8 @@ allow tee system_prop:property_service set; #allow access to qfp-daemon allow tee qfp-daemon_data_file:dir create_dir_perms; allow tee qfp-daemon_data_file:file create_file_perms; +allow tee persist_qc_senseid_file:dir create_dir_perms; +allow tee persist_qc_senseid_file:file create_file_perms; #allow access to fingerprintd data file allow tee fingerprintd_data_file:dir create_dir_perms; diff --git a/common/qseeproxy.te b/common/qseeproxy.te index 826f25cb..f3385bf3 100644 --- a/common/qseeproxy.te +++ b/common/qseeproxy.te @@ -59,3 +59,9 @@ allow qseeproxy firmware_file:file r_file_perms; #Allow access to session files allow qseeproxy data_qsee_file:dir create_dir_perms; allow qseeproxy data_qsee_file:file create_file_perms ; + +#Allow access to system_app domain +allow qseeproxy system_app:unix_dgram_socket sendto; + +#Allow access to sysfs files +allow qseeproxy sysfs:file w_file_perms; diff --git a/common/service_contexts b/common/service_contexts index c57eab7e..3e495ec8 100644 --- a/common/service_contexts +++ b/common/service_contexts @@ -14,6 +14,8 @@ qti.ims.connectionmanagerservice u:object_r:imscm_service:s0 com.qti.snapdragon.sdk.display.IColorService u:object_r:color_service:s0 improveTouch.TouchService u:object_r:improve_touch_service:s0 improveTouch.TouchManagerService u:object_r:improve_touch_service:s0 +improveTouch.GestureManagerService u:object_r:improve_touch_service:s0 +improveTouch.HandBiometricManagerService u:object_r:improve_touch_service:s0 wfdservice u:object_r:wfdservice_service:s0 DigitalPen u:object_r:usf_service:s0 dts_eagle_service u:object_r:dtseagleservice_service:s0 diff --git a/common/system_app.te b/common/system_app.te index 8673d1e8..f8eef956 100644 --- a/common/system_app.te +++ b/common/system_app.te @@ -109,3 +109,6 @@ r_dir_file(system_app, audio_pp_data_file); # allow access to system app for radio files allow system_app radio_data_file:dir rw_dir_perms; allow system_app radio_data_file:file create_file_perms; + +# access to qseeproxy domain +allow system_app qseeproxy:unix_dgram_socket sendto; diff --git a/common/system_server.te b/common/system_server.te index 4aca89f3..569e1aba 100644 --- a/common/system_server.te +++ b/common/system_server.te @@ -19,6 +19,9 @@ allow system_server mpctl_socket:dir r_dir_perms; unix_socket_send(system_server, mpctl, mpdecision) unix_socket_connect(system_server, mpctl, mpdecision) +#access to gamed +unix_socket_connect(system_server, gamed, gamed) + allow system_server { # For wifistatemachine wbc_service diff --git a/msm8937/file_contexts b/msm8937/file_contexts index 13ddaeec..fae3375d 100644 --- a/msm8937/file_contexts +++ b/msm8937/file_contexts @@ -42,4 +42,5 @@ /dev/block/platform/soc/7824900.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 /dev/block/platform/soc/7824900.sdhci/by-name/dip u:object_r:dip_device:s0 /dev/block/platform/soc/7824900.sdhci/by-name/mdtp u:object_r:mdtp_device:s0 -/dev/block/platform/soc.0/7824900.sdhci/by-name/config u:object_r:frp_block_device:s0 +/dev/block/platform/soc/7824900.sdhci/by-name/config u:object_r:frp_block_device:s0 +/dev/block/platform/soc/7824900.sdhci/by-name/cache u:object_r:cache_block_device:s0 diff --git a/test/fidotest.te b/test/fidotest.te index e601d6dc..ed6226da 100644 --- a/test/fidotest.te +++ b/test/fidotest.te @@ -26,4 +26,7 @@ userdebug_or_eng(` # Allow access to firmware allow fidotest firmware_file:dir r_dir_perms; allow fidotest firmware_file:file r_file_perms; + + # Allow service manager to find + allow qsee_svc_app fidotest_service:service_manager find; ') diff --git a/test/qseeproxysample.te b/test/qseeproxysample.te index 6b59bd14..9bddd750 100644 --- a/test/qseeproxysample.te +++ b/test/qseeproxysample.te @@ -54,4 +54,7 @@ userdebug_or_eng(` # Allow access to firmware allow qseeproxysample firmware_file:dir r_dir_perms; allow qseeproxysample firmware_file:file r_file_perms; + + #Allow service manager to find + allow qsee_svc_app qseeproxysample_service:service_manager find; ') |