device_phh_treble/sepolicy/qualcomm.te
Pierre-Hugues Husson b544b15e68 Get back to allowing "rild" universally
This requires to drop a checkpolicy, because checkpolicy doesn't allow
multiple identical domains definition, and "rild" will be defined both
in system and vendor.
This isn't optimal, but that's still the best solution I've found.
2018-09-18 11:16:19 +02:00

22 lines
945 B
Plaintext

type rild, domain;
#me.phh.treble.qti.audio is system-signed
allow system_app hal_telephony_hwservice:hwservice_manager { find };
allow { rild system_app } { rild system_app }:binder { call transfer };
#Pixel 1
type vnd_qcril_audio_hwservice, hwservice_manager_type;
allow system_app vnd_qcril_audio_hwservice:hwservice_manager { find };
#Pixel 2
type vnd_qcrilhook_hwservice, hwservice_manager_type;
allow system_app vnd_qcrilhook_hwservice:hwservice_manager { find };
#OP6
allow system_app hal_telephony_hwservice:hwservice_manager { find };
# cf https://github.com/phhusson/treble_experimentations/issues/131
# SELinux : avc: denied { add } for interface=android.hardware.tetheroffload.control::IOffloadControl pid=15220 scontext=u:r:ipacm:s0 tcontext=u:object_r:hal_tetheroffload_hwservice:s0 tclass=hwservice_manager permissive=0
type ipacm, hwservice_manager_type;
allow ipacm hal_tetheroffload_hwservice:hwservice_manager { add };