Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add sepolicy for sensor HAL to read lhbm

Browse source 
04-23 08:54:18.000   742   742 I /vendor/bin/hw/android.hardware.sensors@2.0-service.multihal: type=1400 audit(0.0:23): avc: denied { read } for comm=504F5349582074696D6572203430 name="local_hbm_mode" dev="sysfs" ino=70515 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_lhbm:s0 tclass=file permissive=1

Bug: 181617640
Test: Forrest build with this patch(ab/P22167685).
      No local_hbm_mode related avc deined log.
Change-Id: Ibac3317cbca8652885310b1f5af8f4ea4d44a5c4
This commit is contained in:
Chia-Ching Yu 2021-04-26 04:22:34 +08:00 committed by Chia Ching Yu
parent 16730f3087
commit 3f91d6417a
1 changed files with 3 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
usf/sensor_hal.te
View file

@ -54,3 +54,6 @@ allow hal_sensors_default fwk_stats_service:service_manager find;
# Allow access to CHRE socket to connect to nanoapps.
unix_socket_connect(hal_sensors_default, chre, chre)
# Allow sensor HAL to read lhbm.
allow hal_sensors_default sysfs_lhbm:file r_file_perms;