diff options
Diffstat (limited to 'sepolicy/ifaadaemon.te')
| -rwxr-xr-x | sepolicy/ifaadaemon.te | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/sepolicy/ifaadaemon.te b/sepolicy/ifaadaemon.te new file mode 100755 index 0000000..c458692 --- /dev/null +++ b/sepolicy/ifaadaemon.te @@ -0,0 +1,26 @@ +type ifaadaemon, domain; +type ifaadaemon_exec, exec_type, file_type; + +#Allow for transition from init domain to ifaadaemon +init_daemon_domain(ifaadaemon) + +#Allow ifaadaemon to use Binder IPC +binder_use(ifaadaemon) + +#Allow servicemanager to interact with ifaadaemon +binder_call(ifaadaemon, servicemanager) + +#Allow alipay_app to interact with ifaadaemon +binder_call(ifaadaemon, alipay_app) + +#Mark ifaadaemon as a Binder service domain +binder_service(ifaadaemon) + +#Allow ifaadaemon to be registered with service manager +allow ifaadaemon ifaadaemon_service:service_manager add; + +#Allow access to tee device +allow ifaadaemon tee_device:chr_file rw_file_perms; + +#Allow access to firmware +r_dir_file(ifaadaemon, firmware_file) |