Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

gs101-sepolicy: Allow dumping vendor groups values

Browse source 
Fix:
avc: denied { read } for name="vendor_sched" dev="sysfs" ino=45566 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=dir permissive=0

avc: denied { read } for name="dump_task_group_ta" dev="proc" ino=4026532542 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=0

Bug: 172112042
Test: dump data as expected
Change-Id: I9945953dba4afddd34c1535c12193b1f00fdcef9
This commit is contained in:
Rick Yiu 2021-05-22 13:17:04 +08:00
parent 16a38b2b6c
commit 5aeb1b9e45
3 changed files with 7 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
whitechapel/vendor/google/file.te vendored
View file

@ -144,6 +144,7 @@ type sysfs_edgetpu, sysfs_type, fs_type;
# Vendor sched files # Vendor sched files
type sysfs_vendor_sched, sysfs_type, fs_type; type sysfs_vendor_sched, sysfs_type, fs_type;
type proc_vendor_sched, proc_type, fs_type;
# GPS # GPS
type vendor_gps_file, file_type, data_file_type; type vendor_gps_file, file_type, data_file_type;

2
whitechapel/vendor/google/genfs_contexts vendored
View file

@ -164,6 +164,8 @@ genfscon sysfs /kernel/vendor_sched/uclamp_threshold u
genfscon sysfs /kernel/vendor_sched/uclamp_util_diff_stats u:object_r:sysfs_vendor_sched:s0 genfscon sysfs /kernel/vendor_sched/uclamp_util_diff_stats u:object_r:sysfs_vendor_sched:s0
genfscon sysfs /kernel/vendor_sched/util_threshold u:object_r:sysfs_vendor_sched:s0 genfscon sysfs /kernel/vendor_sched/util_threshold u:object_r:sysfs_vendor_sched:s0
genfscon proc /vendor_sched u:object_r:proc_vendor_sched:s0
# GPS # GPS
genfscon sysfs /devices/platform/10940000.spi/spi_master/spi5/spi5.0/nstandby u:object_r:sysfs_gps:s0 genfscon sysfs /devices/platform/10940000.spi/spi_master/spi5/spi5.0/nstandby u:object_r:sysfs_gps:s0

4
whitechapel/vendor/google/hal_dumpstate_default.te vendored
View file

@ -91,6 +91,10 @@ binder_call(hal_dumpstate_default, citadeld);
allow hal_dumpstate_default vendor_displaycolor_service:service_manager find; allow hal_dumpstate_default vendor_displaycolor_service:service_manager find;
binder_call(hal_dumpstate_default, hal_graphics_composer_default); binder_call(hal_dumpstate_default, hal_graphics_composer_default);
allow hal_dumpstate_default sysfs_vendor_sched:file read;
allow hal_dumpstate_default proc_vendor_sched:dir r_dir_perms;
allow hal_dumpstate_default proc_vendor_sched:file r_file_perms;
userdebug_or_eng(` userdebug_or_eng(`
allow hal_dumpstate_default mnt_vendor_file:dir search; allow hal_dumpstate_default mnt_vendor_file:dir search;
allow hal_dumpstate_default ramdump_vendor_mnt_file:dir search; allow hal_dumpstate_default ramdump_vendor_mnt_file:dir search;