-
Notifications
You must be signed in to change notification settings - Fork 12
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Gallery needs to read vendor files on treble enabled devices. This is based on policies written by Eino-Ville Talvala <[email protected]> for Google camera app. Change-Id: I0e591c9b2a54c781203d5c49e6d6d65c2f477eaf
- Loading branch information
Showing
3 changed files
with
21 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| app_domain(gallery_app) | ||
| net_domain(gallery_app) | ||
|
|
||
| # Access standard system services | ||
| allow gallery_app app_api_service:service_manager find; | ||
| allow gallery_app audioserver_service:service_manager find; | ||
| allow gallery_app cameraserver_service:service_manager find; | ||
| allow gallery_app drmserver_service:service_manager find; | ||
| allow gallery_app mediacodec_service:service_manager find; | ||
| allow gallery_app mediaextractor_service:service_manager find; | ||
| allow gallery_app mediaserver_service:service_manager find; | ||
| allow gallery_app mediametrics_service:service_manager find; | ||
| allow gallery_app nfc_service:service_manager find; | ||
| allow gallery_app surfaceflinger_service:service_manager find; | ||
|
|
||
| allow gallery_app hidl_token_hwservice:hwservice_manager find; | ||
|
|
||
| # Allow to read and execute camera app modules | ||
| allow gallery_app vendor_file:file { rx_file_perms }; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1 +1,2 @@ | ||
| user=_app isPrivApp=true seinfo=platform name=com.android.gallery3d domain=gallery_app type=app_data_file levelFrom=user | ||
| user=_app isPrivApp=true seinfo=platform name=org.lineageos.snap domain=snap_app type=app_data_file levelFrom=user |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| type gallery_app, domain, coredomain; |