0379e1a2b8
AVC error log justifications:
[ 1198.907014] type=1400 audit(1728067746.876:2074): avc: denied { search } for comm="cat" name="instances" dev="tracefs" ino=4194 scontext=u:r:dump_display_userdebug:s0 tcontext=u:object_r:debugfs_tracing_instances:s0 tclass=dir permissive=1
[ 1198.908565] type=1400 audit(1728067746.876:2075): avc: denied { read } for comm="cat" name="trace" dev="tracefs" ino=167692 scontext=u:r:dump_display_userdebug:s0 tcontext=u:object_r:debugfs_tracing_instances:s0 tclass=file permissive=1
[ 1198.909716] type=1400 audit(1728067746.876:2076): avc: denied { open } for comm="cat" path="/sys/kernel/tracing/instances/pixel-display/trace" dev="tracefs" ino=167692 scontext=u:r:dump_display_userdebug:s0 tcontext=u:object_r:debugfs_tracing_instances:s0 tclass=file permissive=1
Bug: 369099258
Test: pixel display trace visible in bugreport
Flag: EXEMPT bugfix
Change-Id: I53f9340aee155d1ff0d0c0bc2db45e6bd77f342a
Signed-off-by: Taylor Nelms <tknelms@google.com>
15 lines
525 B
Text
15 lines
525 B
Text
# Display (dump for bugreport)
|
|
pixel_bugreport(dump_display)
|
|
|
|
allow dump_display sysfs_display:file r_file_perms;
|
|
allow dump_display vendor_displaycolor_service:service_manager find;
|
|
binder_call(dump_display, hal_graphics_composer_default)
|
|
allow dump_display vendor_dumpsys:file execute_no_trans;
|
|
allow dump_display vendor_shell_exec:file execute_no_trans;
|
|
|
|
userdebug_or_eng(`
|
|
allow dump_display vendor_dri_debugfs:dir r_dir_perms;
|
|
allow dump_display vendor_dri_debugfs:file r_file_perms;
|
|
')
|
|
vndbinder_use(dump_display)
|
|
|