summaryrefslogtreecommitdiff
path: root/sepolicy/whitechapel/vendor/google/euiccpixel_app.te
diff options
context:
space:
mode:
Diffstat (limited to 'sepolicy/whitechapel/vendor/google/euiccpixel_app.te')
-rw-r--r--sepolicy/whitechapel/vendor/google/euiccpixel_app.te29
1 files changed, 29 insertions, 0 deletions
diff --git a/sepolicy/whitechapel/vendor/google/euiccpixel_app.te b/sepolicy/whitechapel/vendor/google/euiccpixel_app.te
new file mode 100644
index 00000000..8763117f
--- /dev/null
+++ b/sepolicy/whitechapel/vendor/google/euiccpixel_app.te
@@ -0,0 +1,29 @@
+# EuiccSupportPixel app
+
+type euiccpixel_app, domain;
+app_domain(euiccpixel_app)
+
+allow euiccpixel_app app_api_service:service_manager find;
+allow euiccpixel_app radio_service:service_manager find;
+allow euiccpixel_app nfc_service:service_manager find;
+allow euiccpixel_app surfaceflinger_service:service_manager find;
+
+set_prop(euiccpixel_app, vendor_secure_element_prop)
+set_prop(euiccpixel_app, vendor_modem_prop)
+get_prop(euiccpixel_app, dck_prop)
+
+userdebug_or_eng(`
+ net_domain(euiccpixel_app)
+
+ # Access to directly upgrade firmware on st54spi_device used for engineering devices
+ typeattribute st54spi_device mlstrustedobject;
+ allow euiccpixel_app st54spi_device:chr_file rw_file_perms;
+ # Access to directly upgrade firmware on st33spi_device used for engineering devices
+ typeattribute st33spi_device mlstrustedobject;
+ allow euiccpixel_app st33spi_device:chr_file rw_file_perms;
+
+ allow euiccpixel_app sysfs_st33spi:dir search;
+ allow euiccpixel_app sysfs_st33spi:file rw_file_perms;
+ allow euiccpixel_app sysfs_touch:dir search;
+')
+
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-03 03:22:23 +0000