From a457b1d6400f922525b293cb453bd4424eb388b7 Mon Sep 17 00:00:00 2001 From: Rick Yiu Date: Tue, 8 Jun 2021 15:40:42 +0800 Subject: [PATCH] gs101-sepolicy: Fix tracking_denials of sysfs_vendor_sched Bug: 190368350 Test: build pass Change-Id: Id742e8328f63c04e5448225975897d8f6adc1e13 --- tracking_denials/logger_app.te | 2 -- tracking_denials/shell.te | 2 -- tracking_denials/untrusted_app.te | 2 -- whitechapel/vendor/google/logger_app.te | 1 + .../vendor/google}/mediaprovider.te | 1 - whitechapel/vendor/google/shell.te | 2 ++ whitechapel/vendor/google/untrusted_app.te | 1 + .../vendor/google}/untrusted_app_29.te | 1 - 8 files changed, 4 insertions(+), 8 deletions(-) delete mode 100644 tracking_denials/logger_app.te delete mode 100644 tracking_denials/shell.te rename {tracking_denials => whitechapel/vendor/google}/mediaprovider.te (79%) create mode 100644 whitechapel/vendor/google/untrusted_app.te rename {tracking_denials => whitechapel/vendor/google}/untrusted_app_29.te (80%) diff --git a/tracking_denials/logger_app.te b/tracking_denials/logger_app.te deleted file mode 100644 index c927c3a5..00000000 --- a/tracking_denials/logger_app.te +++ /dev/null @@ -1,2 +0,0 @@ -# b/190337281 -dontaudit logger_app sysfs_vendor_sched:dir search; diff --git a/tracking_denials/shell.te b/tracking_denials/shell.te deleted file mode 100644 index dd01cb38..00000000 --- a/tracking_denials/shell.te +++ /dev/null @@ -1,2 +0,0 @@ -# b/190336524 -dontaudit shell sysfs_vendor_sched:dir search; diff --git a/tracking_denials/untrusted_app.te b/tracking_denials/untrusted_app.te index d81c48d3..9b098f88 100644 --- a/tracking_denials/untrusted_app.te +++ b/tracking_denials/untrusted_app.te @@ -2,5 +2,3 @@ dontaudit untrusted_app vendor_camera_prop:file { read }; dontaudit untrusted_app vendor_camera_prop:file { read }; dontaudit untrusted_app vendor_camera_prop:file { read }; -# b/190337295 -dontaudit untrusted_app sysfs_vendor_sched:dir search; diff --git a/whitechapel/vendor/google/logger_app.te b/whitechapel/vendor/google/logger_app.te index fac3b5ea..8c8f5197 100644 --- a/whitechapel/vendor/google/logger_app.te +++ b/whitechapel/vendor/google/logger_app.te @@ -24,4 +24,5 @@ userdebug_or_eng(` set_prop(logger_app, vendor_wifi_sniffer_prop) dontaudit logger_app default_prop:file { read }; + dontaudit logger_app sysfs_vendor_sched:dir search; ') diff --git a/tracking_denials/mediaprovider.te b/whitechapel/vendor/google/mediaprovider.te similarity index 79% rename from tracking_denials/mediaprovider.te rename to whitechapel/vendor/google/mediaprovider.te index db311ea3..a1b629f8 100644 --- a/tracking_denials/mediaprovider.te +++ b/whitechapel/vendor/google/mediaprovider.te @@ -1,2 +1 @@ -# b/190336723 dontaudit mediaprovider sysfs_vendor_sched:dir search; diff --git a/whitechapel/vendor/google/shell.te b/whitechapel/vendor/google/shell.te index 3dd4a705..aa4dfa44 100644 --- a/whitechapel/vendor/google/shell.te +++ b/whitechapel/vendor/google/shell.te @@ -5,3 +5,5 @@ userdebug_or_eng(` allow shell sysfs_sjtag:dir r_dir_perms; allow shell sysfs_sjtag:file rw_file_perms; ') + +dontaudit shell sysfs_vendor_sched:dir search; diff --git a/whitechapel/vendor/google/untrusted_app.te b/whitechapel/vendor/google/untrusted_app.te new file mode 100644 index 00000000..4fbfe935 --- /dev/null +++ b/whitechapel/vendor/google/untrusted_app.te @@ -0,0 +1 @@ +dontaudit untrusted_app sysfs_vendor_sched:dir search; diff --git a/tracking_denials/untrusted_app_29.te b/whitechapel/vendor/google/untrusted_app_29.te similarity index 80% rename from tracking_denials/untrusted_app_29.te rename to whitechapel/vendor/google/untrusted_app_29.te index bf68b841..844bb6a4 100644 --- a/tracking_denials/untrusted_app_29.te +++ b/whitechapel/vendor/google/untrusted_app_29.te @@ -1,2 +1 @@ -# b/190336841 dontaudit untrusted_app_29 sysfs_vendor_sched:dir search;