在device/sepolicy/common目錄中:
修改文件attributes:
attribute hal_newXX;
attribute hal_newXX_client;
attribute hal_newXX_server;
修改文件file_contexts:
/(vendor|system/vendor)/bin/hw/android\.hardware\.newXX@1\.0-service u:object_r:hal_newXX_default_exec:s0
添加文件hal_newXX_default.te:
type hal_newXX_default, domain, mlstrustedsubject;
hal_server_domain(hal_newXX_default, hal_newXX)
type hal_newXX_default_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(hal_newXX_default)
# Allow hwbinder call from hal client to server
binder_call(hal_newXX_client, hal_newXX_server)
# Add hwservice related rules
add_hwservice(hal_newXX_server, hal_newXX_hwservice)
allow hal_newXX_client hal_newXX_hwservice:hwservice_manager find;
#hwbinder_use(hal_newXX)
get_prop(hal_newXX, hwservicemanager_prop)
allow hal_newXX_default mnt_vendor_file:dir rw_dir_perms;
修改hwservice.te:
type hal_newXX_hwservice, hwservice_manager_type;
修改hwservice_contexts:
android.hardware.newXX::INewXX u:object_r:hal_newXX_hwservice:s0
修改system_server.te:
hal_client_domain(system_server, hal_newXX)
其中實現的hidl服務是android.hardware.newXX@1.0-service。具體實現的接口是android.hardware.newXX::INewXX