From 05eb29e217141d84585325971b43a05c0e2ac7b5 Mon Sep 17 00:00:00 2001 From: Ricky Niu Date: Mon, 14 Feb 2022 15:22:04 +0800 Subject: [PATCH] Add hal_usb_impl permission Add hal_usb_impl get below permission allow hal_usb_impl configfs:dir rw_dir_perms; allow hal_usb_impl configfs:file create_file_perms; avc denied 02-16 12:05:19.820 788 788 I android.hardwar: type=1400 audit(0.0:4882): avc: denied { search } for name="/" dev="configfs" ino=13419 scontext=u:r:hal_usb_impl:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=1 02-16 12:05:19.820 788 788 I android.hardwar: type=1400 audit(0.0:4883): avc: denied { write } for name="g1" dev="configfs" ino=38003 scontext=u:r:hal_usb_impl:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=1 02-16 12:05:19.820 788 788 I android.hardwar: type=1400 audit(0.0:4884): avc: denied { add_name } for name="UDC" scontext=u:r:hal_usb_impl:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=1 02-16 12:05:19.820 788 788 I android.hardwar: type=1400 audit(0.0:4885): avc: denied { create } for name="UDC" scontext=u:r:hal_usb_impl:s0 tcontext=u:object_r:configfs:s0 tclass=file permissive=1 02-16 12:05:19.820 788 788 I android.hardwar: type=1400 audit(0.0:4886): avc: denied { write } for name="UDC" dev="configfs" ino=106988 scontext=u:r:hal_usb_impl:s0 tcontext=u:object_r:configfs:s0 tclass=file permissive=1 Bug: 218997592 Signed-off-by: Ricky Niu Change-Id: I854479cef1a0b8ad518814fb9d20558cf52202e7 --- whitechapel/vendor/google/hal_usb_impl.te | 2 ++ 1 file changed, 2 insertions(+) diff --git a/whitechapel/vendor/google/hal_usb_impl.te b/whitechapel/vendor/google/hal_usb_impl.te index 736f2cc3..6b6d19f6 100644 --- a/whitechapel/vendor/google/hal_usb_impl.te +++ b/whitechapel/vendor/google/hal_usb_impl.te @@ -4,6 +4,8 @@ hal_server_domain(hal_usb_impl, hal_usb) type hal_usb_impl_exec, vendor_file_type, exec_type, file_type; init_daemon_domain(hal_usb_impl) +allow hal_usb_impl configfs:dir rw_dir_perms; +allow hal_usb_impl configfs:file create_file_perms; allow hal_usb_impl sysfs_batteryinfo:dir r_dir_perms; allow hal_usb_impl sysfs_batteryinfo:file rw_file_perms; allow hal_usb_impl sysfs_extcon:dir search;