Allow the NNAPI HAL to access edgetpu_app_service.

10-12 14:40:11.528   759   759 W Binder:759_1: type=1400 audit(0.0:23): avc: denied { call } for scontext=u:r:hal_neuralnetworks_darwinn:s0 tcontext=u:r:edgetpu_app_server:s0 tclass=binder permissive=0

10-12 18:17:04.678   440   440 E SELinux : avc:  denied  { find } for pid=753 uid=1000 name=com.google.edgetpu.IEdgeTpuAppService/default scontext=u:r:hal_neuralnetworks_darwinn:s0 tcontext=u:object_r:edgetpu_app_service:s0 tclass=service_manager permissive=0

Test: rebuilt the selinux_policy. The AVC denials don't show up.
Bug: 196697793
Change-Id: If43f7411a3324f65323ea004e34878f070d9ebeb
qinyiyan 2021-10-12 13:53:44 -07:00 committed by Quinn Yan
parent 86d9e3657c
commit 6e818988b6

@ -43,3 +43,7 @@ allow hal_neuralnetworks_darwinn proc_overcommit_memory:file r_file_perms;
# Allows the logging service to access /sys/class/edgetpu
allow hal_neuralnetworks_darwinn sysfs_edgetpu:dir r_dir_perms;
allow hal_neuralnetworks_darwinn sysfs_edgetpu:file r_file_perms;
# Allows the NNAPI HAL to access the edgetpu_app_service
allow hal_neuralnetworks_darwinn edgetpu_app_service:service_manager find;
binder_call(hal_neuralnetworks_darwinn, edgetpu_app_server);
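
Review bot: The single comment above the two new rules names only edgetpu_app_service, but the rules target two different types: the `find` rule uses the service_manager type edgetpu_app_service, while the binder_call line uses the domain edgetpu_app_server. Because the names differ by a few characters, a later reader could take one for a typo of the other. Consider giving each rule its own comment, for example "service lookup via servicemanager" for the find rule and "binder IPC to the server process" for the binder_call line, so that each rule maps onto one of the two denials quoted in the commit message.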