Evolution-X-Tensor/device_google_akita
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

gps: pixel gnss aidl service (sepolicy)

Browse source 
avc:  denied  { call } for  scontext=u:r:servicemanager:s0 tcontext=u:r:hal_gnss_pixel:s0 tclass=binder permissive=0
avc:  denied  { call } for  scontext=u:r:hal_gnss_pixel:s0 tcontext=u:r:hal_gnss_default:s0 tclass=binder permissive=0
avc:  denied  { call } for  scontext=u:r:hal_gnss_default:s0 tcontext=u:r:hal_gnss_pixel:s0 tclass=binder permissive=0
avc:  denied  { read } for  name="modem_state" dev="sysfs" ino=66325 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
avc:  denied  { open } for  path="/sys/devices/platform/cpif/modem_state" dev="sysfs" ino=66325 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
avc:  denied  { getattr } for  path="/sys/devices/platform/cpif/modem_state" dev="sysfs" ino=66325 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1

Bug: 298924540
Test: No avc deny
Change-Id: I77ec1cb171781dd3c671a975a5c049a48d5bcccb
This commit is contained in:
Shinru Han 2023-08-22 07:58:31 +00:00
parent 76686f69d9
commit 69d9e01e8a
6 changed files with 20 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
vendor/file.te vendored Normal file
View file

@ -0,0 +1 @@
type sysfs_modem_state, sysfs_type, fs_type;

2
vendor/file_contexts vendored
View file

@ -12,7 +12,9 @@
/vendor/bin/hw/sctd u:object_r:sctd_exec:s0 /vendor/bin/hw/sctd u:object_r:sctd_exec:s0
/vendor/bin/hw/swcnd u:object_r:swcnd_exec:s0 /vendor/bin/hw/swcnd u:object_r:swcnd_exec:s0
/vendor/bin/hw/spad u:object_r:spad_exec:s0 /vendor/bin/hw/spad u:object_r:spad_exec:s0
/vendor/bin/hw/android.hardware.gnss-service u:object_r:hal_gnss_default_exec:s0 /vendor/bin/hw/android.hardware.gnss-service u:object_r:hal_gnss_default_exec:s0
/vendor/bin/hw/android.hardware.gnss-service.pixel u:object_r:hal_gnss_pixel_exec:s0
# gnss/gps data/log files # gnss/gps data/log files
/data/vendor/gps(/.*)? u:object_r:vendor_gps_file:s0 /data/vendor/gps(/.*)? u:object_r:vendor_gps_file:s0

3
vendor/genfs_contexts vendored
View file

@ -61,3 +61,6 @@ genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-7/7-0025/power_supply/tcpm-s
genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-9/9-0025/power_supply/tcpm-source-psy-9-0025/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10cb0000.hsi2c/i2c-9/9-0025/power_supply/tcpm-source-psy-9-0025/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/gnssif/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/gnssif/wakeup u:object_r:sysfs_wakeup:s0
# modem state
genfscon sysfs /devices/platform/cpif/modem_state u:object_r:sysfs_modem_state:s0

12
vendor/hal_gnss_pixel.te vendored Normal file
View file

@ -0,0 +1,12 @@
type hal_gnss_pixel, domain;
hal_server_domain(hal_gnss_pixel, hal_gnss)
type hal_gnss_pixel_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(hal_gnss_pixel)
#IPC between pixel and vendor HAL
binder_call(hal_gnss_pixel, hal_gnss_default)
binder_call(hal_gnss_default, hal_gnss_pixel)
#Read modem state /sys/bus/platform/devices/cpif/modem_state
allow hal_gnss_pixel sysfs_modem_state:file r_file_perms;

1
vendor/service_contexts vendored Normal file
View file

@ -0,0 +1 @@
android.hardware.gnss.IGnss/vendor u:object_r:hal_gnss_service:s0

1
vendor/servicemanager.te vendored Normal file
View file

@ -0,0 +1 @@
binder_call(servicemanager, hal_gnss_pixel)