Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

trusty_apploader: Fix avc errors

Browse source 
Fix the following avc denials:
trusty_apploade: type=1400 audit(0.0:3): avc: denied { read } for name="system" dev="tmpfs" ino=713 scontext=u:r:trusty_apploader:s0 tcontext=u:object_r:dmabuf_system_heap_device:s0 tclass=chr_file permissive=1
trusty_apploade: type=1400 audit(0.0:4): avc: denied { open } for path="/dev/dma_heap/system" dev="tmpfs" ino=713 scontext=u:r:trusty_apploader:s0 tcontext=u:object_r:dmabuf_system_heap_device:s0 tclass=chr_file permissive=1
trusty_apploade: type=1400 audit(0.0:5): avc: denied { ioctl } for path="/dev/dma_heap/system" dev="tmpfs" ino=713 ioctlcmd=0x4800 scontext=u:r:trusty_apploader:s0 tcontext=u:object_r:dmabuf_system_heap_device:s0 tclass=chr_file permissive=1

Bug: 180874342
Test: Verify no avc denied when trusty app is loaded.
Change-Id: Idbd850580220a1cb85a221d769d741f63cd8751f
This commit is contained in:
Kris Chen 2021-03-08 16:35:50 +08:00
parent 5009efa776
commit 5c76e0c1f3
1 changed files with 1 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
whitechapel/vendor/google/trusty_apploader.te vendored
View file

@ -4,3 +4,4 @@ init_daemon_domain(trusty_apploader)
allow trusty_apploader ion_device:chr_file r_file_perms; allow trusty_apploader ion_device:chr_file r_file_perms;
allow trusty_apploader tee_device:chr_file rw_file_perms; allow trusty_apploader tee_device:chr_file rw_file_perms;
allow trusty_apploader dmabuf_system_heap_device:chr_file r_file_perms;