[DO NOT MERGE] device/sepolicy: Add sepolicy for vibrator hal

Added sepolicy for vibrator hal specific to device

uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { read } for property=vibrator.adaptive_haptics.enabled pid=0 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:adaptive_haptics_prop:s0 tclass=file permissive=1'
avc: denied { open } for comm="odrefresh" path="/dev/__properties__/u:object_r:adaptive_haptics_prop:s0" dev="tmpfs" ino=80 scontext=u:r:odrefresh:s0 tcontext=u:object_r:adaptive_haptics_prop:s0 tclass=file permissive=1
avc: denied { getattr } for comm="odrefresh" path="/dev/__properties__/u:object_r:adaptive_haptics_prop:s0" dev="tmpfs" ino=80 scontext=u:r:odrefresh:s0 tcontext=u:object_r:adaptive_haptics_prop:s0 tclass=file permissive=1
avc: denied { map } for comm="odrefresh" path="/dev/__properties__/u:object_r:adaptive_haptics_prop:s0" dev="tmpfs" ino=80 scontext=u:r:odrefresh:s0 tcontext=u:object_r:adaptive_haptics_prop:s0 tclass=file permissive=1
avc: denied { write } for comm="android.hardwar" name="chre" dev="tmpfs" ino=1094 scontext=u:r:hal_vibrator_default:s0 tcontext=u:object_r:chre_socket:s0 tclass=sock_file permissive=1
avc: denied { connectto } for comm="android.hardwar" path="/dev/socket/chre" scontext=u:r:hal_vibrator_default:s0 tcontext=u:r:chre:s0 tclass=unix_stream_socket permissive=1
avc: denied { open } for comm="binder:8084_3" path="/dev/__properties__/u:object_r:adaptive_haptics_prop:s0" dev="tmpfs" ino=80 scontext=u:r:gmscore_app:s0:c512,c768 tcontext=u:object_r:adaptive_haptics_prop:s0 tclass=file permissive=1 app=com.google.android.gms
avc: denied { getattr } for comm="binder:8084_3" path="/dev/__properties__/u:object_r:adaptive_haptics_prop:s0" dev="tmpfs" ino=80 scontext=u:r:gmscore_app:s0:c512,c768 tcontext=u:object_r:adaptive_haptics_prop:s0 tclass=file permissive=1 app=com.google.android.gms

Bug: 198239103
Test: Verified functionality
Signed-off-by: Chris Paulo <chrispaulo@google.com>
Change-Id: I1f38a069c06c5cc142236aed9cb34eede77c0315
Chris Paulo 2022-08-30 00:29:28 +00:00
parent 4a24496e12
commit 5e8ab96efb
5 changed files with 10 additions and 0 deletions


@ -1,2 +1,3 @@
BOARD_VENDOR_SEPOLICY_DIRS += device/google/bluejay-sepolicy/bluejay BOARD_VENDOR_SEPOLICY_DIRS += device/google/bluejay-sepolicy/bluejay
BOARD_VENDOR_SEPOLICY_DIRS += device/google/bluejay-sepolicy/vendor
BOARD_VENDOR_SEPOLICY_DIRS += device/google/bluejay-sepolicy/tracking_denials_bluejay BOARD_VENDOR_SEPOLICY_DIRS += device/google/bluejay-sepolicy/tracking_denials_bluejay

2
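--- a/vendor/file_contexts
+++ b/vendor/file_contexts
@@ -0,0 +1,2 @@
+# Haptics
+/vendor/bin/hw/android\.hardware\.vibrator-service\.cs40l26-private-bluejay u:object_r:hal_vibrator_default_exec:s0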

3
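--- a/vendor/hal_vibrator_default.te
+++ b/vendor/hal_vibrator_default.te
@@ -0,0 +1,3 @@
+# Allow Vibrator HAL to communicate with daemon via socket
+allow hal_vibrator_default chre:unix_stream_socket connectto;
+allow hal_vibrator_default chre_socket:sock_file write;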
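Review bot: The two `allow` rules hand-expand what the standard policy macro already expresses, so they would read better as `unix_socket_connect(hal_vibrator_default, chre, chre)`, which emits the same `sock_file write` and `unix_stream_socket connectto` pair and keeps the two halves from drifting apart. The comment above them says only "daemon"; naming the peer, e.g. `# Vibrator HAL connects to the CHRE daemon via /dev/socket/chre`, would let a later audit judge whether this additional client of the CHRE socket is still required. The commit message does not say why the vibrator HAL needs CHRE, and a short reason in the comment would help.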

2
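--- a/vendor/property_contexts
+++ b/vendor/property_contexts
@@ -0,0 +1,2 @@
+# Haptics
+persist.vendor.vibrator.hal. u:object_r:vendor_vibrator_prop:s0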
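Review bot: Nothing in this commit shows where `vendor_vibrator_prop` is declared or which domain may set it, and none of the denials quoted in the commit message involve `persist.vendor.vibrator.hal.`; the ten additions in the diffstat are all accounted for by the five visible sections. Because `persist.` properties survive a reboot, it is worth confirming that the type is declared as a vendor-internal property and that write access is limited to the domains that need it. A comment recording the intended writer, such as `# Vibrator HAL tuning properties; set only by hal_vibrator_default`, would help if that is in fact the policy.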

2
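--- a/vendor/vendor_init.te
+++ b/vendor/vendor_init.te
@@ -0,0 +1,2 @@
+# Haptics
+get_prop(vendor_init, adaptive_haptics_prop)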
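Review bot: This rule covers only the first denial in the commit message (`vendor_init` reading `vibrator.adaptive_haptics.enabled`); the `odrefresh` and `gmscore_app` denials on `adaptive_haptics_prop` quoted there are not granted anywhere in the visible sections. If leaving those denied is intentional, the commit message should say so, so they are not mistaken for something this change fixes. The `# Haptics` comment could also name the property, e.g. `# vendor_init reads vibrator.adaptive_haptics.enabled`.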