Commit 9b089320 authored by fire855's avatar fire855
Browse files

sepolicy: fix denials for fingerprint

parent e17a4a29
Loading
Loading
Loading
Loading
+1 −1
Original line number Diff line number Diff line
@@ -5,7 +5,7 @@ init_daemon_domain(etsd)
binder_use(etsd)

allow etsd etsd_service:service_manager { add find };
allow etsd fingerprintd:binder { call transfer };
allow etsd hal_fingerprint_default:binder { call transfer };

allow etsd esfp0_device:chr_file rw_file_perms;

sepolicy/fingerprintd.te

deleted100644 → 0
+0 −4
Original line number Diff line number Diff line
allow fingerprintd esfp0_device:chr_file rw_file_perms;
allow fingerprintd madev0_device:chr_file rw_file_perms;
allow fingerprintd etsd:binder { call transfer };
allow fingerprintd self:capability { dac_override dac_read_search };
 No newline at end of file
+3 −0
Original line number Diff line number Diff line
allow hal_fingerprint_default servicemanager:binder call;
allow hal_fingerprint_default etsd:binder { call transfer };
allow hal_fingerprint_default etsd_service:service_manager find;
+3 −0
Original line number Diff line number Diff line
allow servicemanager hal_fingerprint_default:dir search;
allow servicemanager hal_fingerprint_default:file r_file_perms;
allow servicemanager hal_fingerprint_default:process getattr;
+0 −1
Original line number Diff line number Diff line
@@ -25,7 +25,6 @@ allow system_server smartwake_sysfs:file rw_file_perms;
# Fingerprint
binder_call(system_server, etsd)
allow system_server etsd_service:service_manager find;
allow fingerprintd etsd_service:service_manager find;

# IR
allow system_server irtx_device:chr_file rw_file_perms;