blob: 25a2a7a933ad19254fb9c72ba02f0a774c676d4f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
# Policies for hbtp (host based touch processing)
type hbtp, domain, domain_deprecated;
type hbtp_exec, exec_type, file_type;
init_daemon_domain(hbtp)
# Allow access for /dev/hbtp_input and /dev/jdi-bu21150
allow hbtp { hbtp_device qdsp_device dsp_device bu21150_device }:chr_file rw_file_perms;
allow hbtp hbtp_log_file:dir rw_dir_perms;
allow hbtp hbtp_log_file:file create_file_perms;
allow hbtp sysfs_usb_supply:dir search;
allow hbtp sysfs_usb_supply:file rw_file_perms;
allow hbtp hbtp_kernel_sysfs:file rw_file_perms;
allow hbtp sysfs:file write;
allow hbtp self:netlink_kobject_uevent_socket { create read setopt bind };
binder_use(hbtp);
allow hbtp improve_touch_service:service_manager add;
userdebug_or_eng(`
binder_call(hbtp, untrusted_app);
')
binder_call(hbtp, platform_app);
binder_call(hbtp, surfaceflinger);
# Allow the service to access wakelock sysfs
allow hbtp sysfs_wake_lock:file r_file_perms;
# Allow the service to change to system from root
allow hbtp self:capability { setgid setuid };
# Allow load touch driver as touchPD
r_dir_file(hbtp, adsprpcd_file)
# Allow the service to access wakelock capability
wakelock_use(hbtp)
|
