Selinux changes for vr flinger vsync service
Add selinux policy for the new Binder-based vr flinger vsync service. Bug: 72890037 Test: - Manually confirmed that I can't bind to the new vsync service from a normal Android application, and system processes (other than vr_hwc) are prevented from connecting by selinux. - Confirmed the CTS test android.security.cts.SELinuxHostTest#testAospServiceContexts, when built from the local source tree with this CL applied, passes. - Confirmed the CTS test android.cts.security.SELinuxNeverallowRulesTest#testNeverallowRules521, when built from the local source tree with this CL applied, passes. Change-Id: Ib7a6bfcb1c2ebe1051f3accc18b481be1b188b06
Showing
- private/compat/26.0/26.0.ignore.cil 1 addition, 0 deletionsprivate/compat/26.0/26.0.ignore.cil
- private/compat/27.0/27.0.ignore.cil 1 addition, 0 deletionsprivate/compat/27.0/27.0.ignore.cil
- private/service_contexts 1 addition, 0 deletionsprivate/service_contexts
- private/surfaceflinger.te 2 additions, 0 deletionsprivate/surfaceflinger.te
- public/service.te 1 addition, 0 deletionspublic/service.te
- public/vr_hwc.te 2 additions, 0 deletionspublic/vr_hwc.te
Loading
Please register or sign in to comment