diff options
author | Krishna Chaitanya Parimi <cparimi@codeaurora.org> | 2015-01-16 11:08:29 +0530 |
---|---|---|
committer | Krishna Chaitanya Parimi <cparimi@codeaurora.org> | 2015-01-16 11:08:29 +0530 |
commit | b96f8332e713c710d52763ddeac672bc7131a3d5 (patch) | |
tree | 93fd8d3680183c23d24a0d8a50d776f4adf89189 /common/mm-pp-daemon.te | |
parent | 531aa9e1be98231112c0eb9b482616591f278daa (diff) | |
download | android_device_qcom_sepolicy-b96f8332e713c710d52763ddeac672bc7131a3d5.tar.gz android_device_qcom_sepolicy-b96f8332e713c710d52763ddeac672bc7131a3d5.tar.bz2 android_device_qcom_sepolicy-b96f8332e713c710d52763ddeac672bc7131a3d5.zip |
sepolicy: allow mm-pp-daemon to use binders in user variant
Binder calls from mm-pp-daemon were only allowed in userdebug
variants and were not allowed in user variant builds. Now
allowing these binder calls from mm-pp-daemon to system server
and surfaceflinger. Also allowing diag to access tempfs.
Change-Id: Ia90489ff63d62e0514666be5734fde0a3662a8a2
Diffstat (limited to 'common/mm-pp-daemon.te')
-rwxr-xr-x | common/mm-pp-daemon.te | 16 |
1 files changed, 7 insertions, 9 deletions
diff --git a/common/mm-pp-daemon.te b/common/mm-pp-daemon.te index f8edeb54..468d3bad 100755 --- a/common/mm-pp-daemon.te +++ b/common/mm-pp-daemon.te @@ -24,17 +24,15 @@ allow mm-pp-daemon sensors:unix_stream_socket connectto; allow mm-pp-daemon system_prop:property_service set; -userdebug_or_eng(` - # Display calibration service opens /dev/diag in order to communicate with the - # target device - allow mm-pp-daemon diag_device:chr_file rw_file_perms; +# Allow diag to access tempfs +allow mm-pp-daemon diag_device:chr_file rw_file_perms; - # QDCM needs to trigger screen refreshes in some cases to reach the - # convergent state - binder_use(mm-pp-daemon) - binder_call(mm-pp-daemon, system_server) - binder_call(mm-pp-daemon, surfaceflinger) +# Allow mm-pp-daemon to call binder for screen refresh +binder_use(mm-pp-daemon) +binder_call(mm-pp-daemon, system_server) +binder_call(mm-pp-daemon, surfaceflinger) +userdebug_or_eng(` # This allows pp-daemon to use shell commands to blank # the display - it uses input keyevent to do this allow mm-pp-daemon shell_exec:file rx_file_perms; |