Blame - microdroid/sepolicy/system/private/virtualizationservice.te - android_packages_modules_Virtualization

blob: 097f0a0f22d7aaa79292fafac787164153fe9838 [file] [log] [blame]

Inseob Kim	ff43be2	2021-06-07 16:56:56 +0900	[diff] [blame]	1	type virtualizationservice, domain, coredomain;
				2	type virtualizationservice_exec, system_file_type, exec_type, file_type;
				3
				4	# When init runs a file labelled with virtualizationservice_exec, run it in the
				5	# virtualizationservice domain.
				6	init_daemon_domain(virtualizationservice)
				7
				8	# Let the virtualizationservice domain use Binder.
				9	binder_use(virtualizationservice)
				10
				11	# Let the virtualizationservice domain register the virtualization_service with ServiceManager.
				12	add_service(virtualizationservice, virtualization_service)
				13
				14	# When virtualizationservice execs a file with the crosvm_exec label, run it in the crosvm domain.
				15	domain_auto_trans(virtualizationservice, crosvm_exec, crosvm)
				16
Inseob Kim	ff43be2	2021-06-07 16:56:56 +0900	[diff] [blame]	17	# Let virtualizationservice kill crosvm.
				18	allow virtualizationservice crosvm:process sigkill;
				19
				20	# Let virtualizationservice access its data directory.
				21	allow virtualizationservice virtualizationservice_data_file:file create_file_perms;
				22	allow virtualizationservice virtualizationservice_data_file:dir create_dir_perms;