From 064b50e43ba8e983cde1a01e18bbb5d551649027 Mon Sep 17 00:00:00 2001 From: Dinesh Yadav Date: Tue, 19 Nov 2024 10:24:12 +0000 Subject: [PATCH] Add sepolicy for edgetpu_tachyon_service to report metrics This permission is needed to report errors encountered while running gxp workloads to telemetry services. AVC Error seen while reporting errors: 11-21 09:30:05.711 406 406 E SELinux : avc: denied { find } for pid=1821 uid=1000 name=android.frameworks.stats.IStats/default scontext=u:r:edgetpu_tachyon_server:s0 tcontext=u:object_r:fwk_stats_service:s0 tclass=service_manager permissive=0 Bug: 359404493 Flag: EXEMPT updates device sepolicy only Change-Id: Ic282928aad6283077e183f931230f79eea49053d Signed-off-by: Dinesh Yadav --- gxp/sepolicy/edgetpu_tachyon_service.te | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/gxp/sepolicy/edgetpu_tachyon_service.te b/gxp/sepolicy/edgetpu_tachyon_service.te index 35987dd..31b7e7b 100644 --- a/gxp/sepolicy/edgetpu_tachyon_service.te +++ b/gxp/sepolicy/edgetpu_tachyon_service.te @@ -1,3 +1,7 @@ # Allow Tachyon service to access the GXP device and read GXP properties. allow edgetpu_tachyon_server gxp_device:chr_file rw_file_perms; get_prop(edgetpu_tachyon_server, vendor_gxp_prop) + +# Allow tachyon service to log to stats service for reporting metrics. +allow edgetpu_tachyon_server fwk_stats_service:service_manager find; +binder_call(edgetpu_tachyon_server, system_server);