Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sepolicy: add usf folder to BOARD_SEPOLICY_DIRS.

Browse source 
03-08 09:26:34.320   701   701 I MonitorFdThread: type=1400
audit(0.0:5): avc: denied { read } for name="/" dev="tmpfs" ino=1
scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:device:s0
tclass=dir permissive=1
03-08 09:26:34.320   701   701 I MonitorFdThread: type=1400
audit(0.0:6): avc: denied { watch } for path="/dev" dev="tmpfs" ino=1
scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:device:s0
tclass=dir permissive=1
03-08 09:26:36.344   701   701 I android.hardwar: type=1400
audit(0.0:11): avc: denied { read write } for name="acd-com.google.usf"
dev="tmpfs" ino=932 scontext=u:r:hal_sensors_default:s0
tcontext=u:object_r:aoc_device:s0 tclass=chr_file permissive=1
03-08 09:26:36.344   701   701 I android.hardwar: type=1400
audit(0.0:12): avc: denied { open } for path="/dev/acd-com.google.usf"
dev="tmpfs" ino=932 scontext=u:r:hal_sensors_default:s0
tcontext=u:object_r:aoc_device:s0 tclass=chr_file permissive=1
03-08 09:26:36.948   701   701 I android.hardwar: type=1400
audit(0.0:13): avc: denied { search } for name="vendor" dev="tmpfs"
ino=2 scontext=u:r:hal_sensors_default:s0
tcontext=u:object_r:mnt_vendor_file:s0 tclass=dir permissive=1
03-08 09:26:36.948   701   701 I android.hardwar: type=1400
audit(0.0:14): avc: denied { search } for name="/" dev="sda1" ino=2
scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:persist_file:s0
tclass=dir permissive=1
03-08 09:26:36.952   701   701 I android.hardwar: type=1400
audit(0.0:15): avc: denied { getattr } for
path="/mnt/vendor/persist/sensors/registry" dev="sda1" ino=24
scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:persist_file:s0
tclass=dir permissive=1
03-08 09:26:36.952   701   701 I android.hardwar: type=1400
audit(0.0:16): avc: denied { read } for name="registry" dev="sda1"
ino=24

Bug:182086633
Test: make selinux_policy -j128 and push to device.
Test: avc denials are disappeared in boot log.

Change-Id: Id7ad6dcb63c880a4b7b07dbe4588ec231e9e00b5
This commit is contained in:
matthuang 2021-03-08 14:07:36 +08:00
parent fc5a6a88db
commit 04275485f7
1 changed files with 3 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
gs101-sepolicy.mk
View file

@ -21,3 +21,6 @@ BOARD_SEPOLICY_DIRS += hardware/google/pixel-sepolicy/powerstats
# Display
BOARD_SEPOLICY_DIRS += device/google/gs101-sepolicy/display/common
BOARD_SEPOLICY_DIRS += device/google/gs101-sepolicy/display/gs101
# Micro sensor framework (usf)
BOARD_SEPOLICY_DIRS += device/google/gs101-sepolicy/usf