Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / a2a2d9cbbdd299ed254d217b15c917eab606fba3 / . / private / permissioncontroller_app.te
blob: 5f8187530e7219f8b6be84536a9d7b8bbd6b77c1 [file] [log] [blame]
Ashwini Oruganti9bc81122019-10-21 15:28:00 -0700[diff] [blame]1###
2### A domain for further sandboxing the GooglePermissionController app.
3###
Ashwini Oruganti50641892019-11-21 12:26:08 -0800[diff] [blame]4type permissioncontroller_app, domain, coredomain;
Ashwini Oruganti9bc81122019-10-21 15:28:00 -0700[diff] [blame]5
Ashwini Oruganti9bc81122019-10-21 15:28:00 -0700[diff] [blame]6app_domain(permissioncontroller_app)
7
Hai Zhang86e10ef2020-12-07 19:42:27 +0000[diff] [blame]8allow permissioncontroller_app app_api_service:service_manager find;
9allow permissioncontroller_app system_api_service:service_manager find;
10
Ashwini Oruganti9bc81122019-10-21 15:28:00 -0700[diff] [blame]11# Allow interaction with gpuservice
12binder_call(permissioncontroller_app, gpuservice)
Ashwini Oruganti9bc81122019-10-21 15:28:00 -0700[diff] [blame]13
Evan Severson1d69ca72020-05-04 15:13:34 -0700[diff] [blame]14allow permissioncontroller_app radio_service:service_manager find;
Ashwini Oruganti73e12292019-12-09 15:37:05 -0800[diff] [blame]15
16# Allow the app to request and collect incident reports.
17# (Also requires DUMP and PACKAGE_USAGE_STATS permissions)
18allow permissioncontroller_app incident_service:service_manager find;
19binder_call(permissioncontroller_app, incidentd)
20allow permissioncontroller_app incidentd:fifo_file { read write };
Hridya Valsarajua2a2d9c2021-04-29 12:49:30 -0700[diff] [blame^]21
22allow permissioncontroller_app gpu_device:dir search;