device_google_gs-common/aoc/sepolicy/allowlist/aocxdallowdomain.te
Bowen Lai cb1a8297c3 Set up access control rule for aocxd
avc:
12-25 14:34:43.292  root  7005  7005 W binder:7005_1: type=1400 audit(0.0:23): avc:  denied  { call } for  scontext=u:r:aocxd:s0 tcontext=u:r:aocxdallowdomain:s0:c512,c768 tclass=binder permissive=0
11-27 14:56:33.645  1000   422   422 E SELinux : avc:  denied  { find } for pid=7360 uid=10267 name=aocx.IAocx/default scontext=u:r:aocxdallowdomain:s0:c512,c768 tcontext=u:object_r:aocx:s0 tclass=service_manager permissive=0

Test: make -j64
Bug: 385663354
Flag: EXEMPT bugfix
Change-Id: I7888e89710cfb671fb26180f8b2bc3152e1ced89
2025-01-15 23:39:08 -08:00

# Aocx AIDL service
allow aocxdallowdomain aocx:service_manager find;
binder_call(aocxdallowdomain, aocxd)
# Allow aocxd asynchronous callback to aocxdallowdomain
binder_call(aocxd, aocxdallowdomain)
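
The check below is an added example, not part of the repository or the commit: it parses the two avc denials from the commit message and confirms that each is granted by a rule in this file. The function names are hypothetical, the binder_call expansion is hard-coded on the assumption that it matches the definition in AOSP's te_macros, and only the type-enforcement part of each context is compared (the MLS level is ignored).

```python
import re

# Inputs copied from the page: the denials in the commit message and the policy file.
AVC_LOG = """\
12-25 14:34:43.292  root  7005  7005 W binder:7005_1: type=1400 audit(0.0:23): avc:  denied  { call } for  scontext=u:r:aocxd:s0 tcontext=u:r:aocxdallowdomain:s0:c512,c768 tclass=binder permissive=0
11-27 14:56:33.645  1000   422   422 E SELinux : avc:  denied  { find } for pid=7360 uid=10267 name=aocx.IAocx/default scontext=u:r:aocxdallowdomain:s0:c512,c768 tcontext=u:object_r:aocx:s0 tclass=service_manager permissive=0
"""
POLICY = """\
# Aocx AIDL service
allow aocxdallowdomain aocx:service_manager find;
binder_call(aocxdallowdomain, aocxd)
# Allow aocxd asynchronous callback to aocxdallowdomain
binder_call(aocxd, aocxdallowdomain)
"""

# Context layout is user:role:type:level; only the type field is captured.
AVC_RE = re.compile(
    r"avc:\s+denied\s+\{([^}]*)\}.*?scontext=\w+:\w+:(\w+):"
    r".*?tcontext=\w+:\w+:(\w+):.*?tclass=(\w+)")
ALLOW_RE = re.compile(r"allow\s+(\w+)\s+(\w+):(\w+)\s+(?:\{([^}]*)\}|(\w+))\s*;")
BINDER_RE = re.compile(r"binder_call\(\s*(\w+)\s*,\s*(\w+)\s*\)")

def parse_denials(log):
    """Return one (source, target, class, perm) tuple per denied permission."""
    out = []
    for m in AVC_RE.finditer(log):
        perms, src, tgt, cls = m.groups()
        out += [(src, tgt, cls, p) for p in perms.split()]
    return out

def granted(policy):
    """Set of (source, target, class, perm) tuples the policy text grants."""
    rules = set()
    for line in policy.splitlines():
        line = line.split("#", 1)[0]  # drop comments
        for s, t, c, many, one in ALLOW_RE.findall(line):
            rules |= {(s, t, c, p) for p in (many or one).split()}
        for client, server in BINDER_RE.findall(line):
            # Assumed expansion of binder_call(client, server) from te_macros.
            rules |= {(client, server, "binder", "call"),
                      (client, server, "binder", "transfer"),
                      (server, client, "binder", "transfer"),
                      (client, server, "fd", "use")}
    return rules

def uncovered(log, policy):
    """Denials from the log that the policy text would still not allow."""
    have = granted(policy)
    return [d for d in parse_denials(log) if d not in have]
```

With the full file, uncovered(AVC_LOG, POLICY) is empty; with the final binder_call line removed, the aocxd to aocxdallowdomain call denial is reported again, which is the callback direction that line exists for.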