• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# vndservicemanager - the Binder context manager for vendor processes
2type vndservicemanager_exec, exec_type, vendor_file_type, file_type;
3
4init_daemon_domain(vndservicemanager);
5
6allow vndservicemanager self:binder set_context_mgr;
7
8# transfer binder objects to other processes (TODO b/35870313 limit this to vendor-only)
9allow vndservicemanager { domain -coredomain -init -vendor_init }:binder transfer;
10
11allow vndservicemanager vndbinder_device:chr_file rw_file_perms;
12
13# Read vndservice_contexts
14allow vndservicemanager vndservice_contexts_file:file r_file_perms;
15
16# Check SELinux permissions.
17selinux_check_access(vndservicemanager)
18