kernel metrics: add selinux policy about modem_boot_duration for kernel metrics feature

Bug: 368510043

12-13 23:10:00.604   993   993 I binder:993_2: type=1400 audit(0.0:327): avc:  denied  { read } for  name="modem_boot_duration" dev="sysfs" ino=72272 scontext=u:r:shared_modem_platform:s0 tcontext=u:object_r:sysfs_kernel_metrics:s0 tclass=file permissive=1
12-13 23:10:00.604   993   993 I binder:993_2: type=1400 audit(0.0:328): avc:  denied  { open } for  path="/sys/kernel/pixel_metrics/modem/modem_boot_duration" dev="sysfs" ino=72272 scontext=u:r:shared_modem_platform:s0 tcontext=u:object_r:sysfs_kernel_metrics:s0 tclass=file permissive=1
12-13 23:10:00.604   993   993 I binder:993_2: type=1400 audit(0.0:329): avc:  denied  { getattr } for  path="/sys/kernel/pixel_metrics/modem/modem_boot_duration" dev="sysfs" ino=72272 scontext=u:r:shared_modem_platform:s0 tcontext=u:object_r:sysfs_kernel_metrics:s0 tclass=file permissive=1

Flag: EXEMPT update sepolicy

Change-Id: Id50146858f84d3716855b9010e95c7232c6accfa
This commit is contained in:
Eileen Lai 2024-12-13 01:07:09 -08:00
parent 5a51adbdd3
commit a8634006fb
3 changed files with 6 additions and 0 deletions

View file

@ -0,0 +1,2 @@
# Define the type which declare in genfs_contexts
type sysfs_kernel_metrics, sysfs_type, fs_type;

View file

@ -0,0 +1 @@
genfscon sysfs /kernel/pixel_metrics/modem/modem_boot_duration u:object_r:sysfs_kernel_metrics:s0

View file

@ -1,2 +1,5 @@
# Shared modem platform will register the default instance of the AIDL ISharedModemPlatform hal.
hal_server_domain(shared_modem_platform, hal_shared_modem_platform)
allow shared_modem_platform sysfs_kernel_metrics:file r_file_perms;