device_google_gs-common/aoc/sepolicy
Bowen Lai cb1a8297c3 Set up access control rule for aocxd
avc:
12-25 14:34:43.292  root  7005  7005 W binder:7005_1: type=1400 audit(0.0:23): avc:  denied  { call } for  scontext=u:r:aocxd:s0 tcontext=u:r:aocxdallowdomain:s0:c512,c768 tclass=binder permissive=0
11-27 14:56:33.645  1000   422   422 E SELinux : avc:  denied  { find } for pid=7360 uid=10267 name=aocx.IAocx/default scontext=u:r:aocxdallowdomain:s0:c512,c768 tcontext=u:object_r:aocx:s0 tclass=service_manager permissive=0

Test: make -j64
Bug: 385663354
Flag: EXEMPT bugfix
Change-Id: I7888e89710cfb671fb26180f8b2bc3152e1ced89
2025-01-15 23:39:08 -08:00
..
allowlist Set up access control rule for aocxd 2025-01-15 23:39:08 -08:00
aocd.te aoc: add policy to read system property 2023-12-13 19:32:43 +00:00
aocdump.te move aoc settings to gs-common 2022-10-20 11:23:26 +08:00
aocxd.te Fix aocx selinux dumpstate permissions 2024-06-14 15:36:14 -07:00
device.te audio: add audio hal aidl service 2023-03-09 13:47:57 +08:00
dump_aoc.te gs-common:aoc: correct aoc information in the bugreport 2023-04-26 10:51:44 +00:00
dumpstate.te Fix aocx selinux dumpstate permissions 2024-06-14 15:36:14 -07:00
file.te aoc: add permissions for new sysfs node 2023-11-17 16:17:29 +00:00
file_contexts [chre-hal-xport] Add file_contexts for new xport 2024-10-07 21:44:19 +00:00
property.te aoc: add policy to read system property 2023-12-13 19:32:43 +00:00
property_contexts aoc: add policy to read system property 2023-12-13 19:32:43 +00:00
service.te selinux move aocx from vndservice to service 2024-05-31 12:42:10 -07:00
service_contexts Rename aocx.IAoc to aocx.IAoc/default to support stable AIDL 2024-11-28 15:01:26 +08:00