device_google_felix/vendor/hal_dumpstate_default.te at b1d4e8ab2f5e985656b9f58801776b200ae00d8f - Evolution-X-Tensor/device_google_felix - Forgejo: Beyond coding. We Forge.

Evolution-X-Tensor/device_google_felix

Mason Wang b1d4e8ab2f Allow dumpstate to access touch vendor nodes

Fix following avc denial log:
avc: denied { write } for name="stm_fts_cmd" dev="sysfs" ino=113133 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 bug=b/240632721
avc: denied { open } for path="/sys/devices/platform/10950000.spi/spi_master/spi6/spi6.0/stm_fts_cmd" dev="sysfs" ino=113133 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 bug=b/240632721
avc: denied { read } for name="stm_fts_cmd" dev="sysfs" ino=113133 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 bug=b/240632721
avc: denied { read } for name="driver_test" dev="proc" ino=4026535565 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=0 bug=b/240632721
avc: denied { read } for name="appid" dev="sysfs" ino=108992 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0 bug=b/240632721


Bug: 226475119
Bug: 254164096
Test: There are no above avc denial logs.
Change-Id: Ie01104ebfb94154584d9d466cb295095eb634f48

2022-10-28 12:44:25 +08:00

5 lines

233 B

Text

Raw Blame History

 allow hal_dumpstate_default sysfs_touch:dir r_dir_perms;
 allow hal_dumpstate_default sysfs_touch:file rw_file_perms;
 allow hal_dumpstate_default proc_touch:dir r_dir_perms;
 allow hal_dumpstate_default proc_touch:file rw_file_perms;