Unbundle RemoteService on TV - part 1 [atv/sepolicy]
Sujith Ramakrishnan [Tue, 23 Feb 2016 00:10:22 +0000 (16:10 -0800)]
- Add TvRemoteService as a system_server service
- Allow system_server write/open/ioctl permissions to uhid chr_file

b/23792608

Change-Id: I0f735d55c6bb72dd627cad3125c36a0ca40ea6c2

sepolicy/service.te [new file with mode: 0644]
sepolicy/service_contexts [new file with mode: 0644]
sepolicy/system_service.te

diff --git a/sepolicy/service.te b/sepolicy/service.te
new file mode 100644 (file)
index 0000000..0dad463
--- /dev/null
@@ -0,0 +1,2 @@
+# system_server_services needed on atv
+type tv_remote_service, system_server_service, service_manager_type;
diff --git a/sepolicy/service_contexts b/sepolicy/service_contexts
new file mode 100644 (file)
index 0000000..a809ae0
--- /dev/null
@@ -0,0 +1 @@
+tv_remote                                 u:object_r:tv_remote_service:s0
index d0bef2f..f6783d7 100644 (file)
@@ -1 +1,3 @@
+# Access devices.
 allow system_server dvb_device:chr_file rw_file_perms;
+allow system_server uhid_device:chr_file { write open ioctl };