Evolution-X-Tensor/device_google_felix
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Allow dumpstate to access touch vendor nodes

Browse source 
Fix following avc denial log:
avc: denied { write } for name="stm_fts_cmd" dev="sysfs" ino=113133 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 bug=b/240632721
avc: denied { open } for path="/sys/devices/platform/10950000.spi/spi_master/spi6/spi6.0/stm_fts_cmd" dev="sysfs" ino=113133 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 bug=b/240632721
avc: denied { read } for name="stm_fts_cmd" dev="sysfs" ino=113133 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 bug=b/240632721
avc: denied { read } for name="driver_test" dev="proc" ino=4026535565 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=0 bug=b/240632721
avc: denied { read } for name="appid" dev="sysfs" ino=108992 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0 bug=b/240632721


Bug: 226475119
Bug: 254164096
Test: There are no above avc denial logs.
Change-Id: Ie01104ebfb94154584d9d466cb295095eb634f48
This commit is contained in:
Mason Wang 2022-10-28 11:16:37 +08:00
parent 9219b31d13
commit b1d4e8ab2f
2 changed files with 11 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
vendor/genfs_contexts vendored
View file

@ -35,3 +35,9 @@ genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-7/7-0036/power_supply/maxfg_
genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-7/i2c-p9222/power_supply/wireless/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-7/i2c-p9222/power_supply/wireless/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-7/i2c-p9222/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-7/i2c-p9222/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/google,dual_batt_gauge/power_supply/dualbatt/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/google,dual_batt_gauge/power_supply/dualbatt/wakeup u:object_r:sysfs_wakeup:s0
#Touch
genfscon sysfs /devices/platform/10d10000.spi/spi_master/spi0/spi0.0 u:object_r:sysfs_touch:s0
genfscon sysfs /devices/platform/10950000.spi/spi_master/spi6/spi6.0 u:object_r:sysfs_touch:s0
genfscon proc /fts/driver_test u:object_r:proc_touch:s0
genfscon proc /fts_ext/driver_test u:object_r:proc_touch:s0

5
vendor/hal_dumpstate_default.te vendored Normal file
View file

@ -0,0 +1,5 @@
allow hal_dumpstate_default sysfs_touch:dir r_dir_perms;
allow hal_dumpstate_default sysfs_touch:file rw_file_perms;
allow hal_dumpstate_default proc_touch:dir r_dir_perms;
allow hal_dumpstate_default proc_touch:file rw_file_perms;