From 7c0fd2a41394fba7936bad0406d48ff77a14e5cc Mon Sep 17 00:00:00 2001 From: Adam Shih Date: Wed, 17 Mar 2021 10:13:21 +0800 Subject: [PATCH] update error on ROM 7213588 Bug: 182954169 Bug: 182954060 Bug: 182954138 Bug: 182954062 Bug: 182953824 Bug: 182953825 Bug: 182954248 Test: pts-tradefed run pts -m PtsSELinuxTest Change-Id: I8417d4ebacefa691838e25131749b0e4fd152a2f --- tracking_denials/hal_health_default.te | 13 ++++++++ tracking_denials/hal_vibrator_default.te | 11 +++++++ tracking_denials/init.te | 5 +++ tracking_denials/kernel.te | 3 ++ tracking_denials/system_app.te | 2 ++ tracking_denials/trusty_apploader.te | 3 ++ tracking_denials/vendor_init.te | 2 ++ whitechapel/vendor/google/genfs_contexts | 39 ++++++++++++++++-------- 8 files changed, 66 insertions(+), 12 deletions(-) create mode 100644 tracking_denials/kernel.te create mode 100644 tracking_denials/system_app.te create mode 100644 tracking_denials/trusty_apploader.te diff --git a/tracking_denials/hal_health_default.te b/tracking_denials/hal_health_default.te index e69de29b..f5ffd871 100644 --- a/tracking_denials/hal_health_default.te +++ b/tracking_denials/hal_health_default.te @@ -0,0 +1,13 @@ +# b/182954169 +dontaudit hal_health_default sysfs:file { read }; +dontaudit hal_health_default sysfs:file { getattr }; +dontaudit hal_health_default sysfs:file { read }; +dontaudit hal_health_default sysfs:file { read }; +dontaudit hal_health_default sysfs:file { open }; +dontaudit hal_health_default sysfs:file { getattr }; +dontaudit hal_health_default sysfs:file { open }; +dontaudit hal_health_default sysfs:file { read }; +dontaudit hal_health_default sysfs:file { open }; +dontaudit hal_health_default sysfs:file { getattr }; +dontaudit hal_health_default sysfs:file { open }; +dontaudit hal_health_default sysfs:file { getattr }; diff --git a/tracking_denials/hal_vibrator_default.te b/tracking_denials/hal_vibrator_default.te index eea73ffc..58df632c 100644 --- a/tracking_denials/hal_vibrator_default.te +++ b/tracking_denials/hal_vibrator_default.te @@ -1,2 +1,13 @@ # b/174961422 dontaudit hal_vibrator_default property_type:file * ; +# b/182954060 +dontaudit hal_vibrator_default sysfs:file { getattr }; +dontaudit hal_vibrator_default sysfs:file { getattr }; +dontaudit hal_vibrator_default sysfs:file { getattr }; +dontaudit hal_vibrator_default sysfs:file { getattr }; +dontaudit hal_vibrator_default sysfs:file { getattr }; +dontaudit hal_vibrator_default sysfs:file { open }; +dontaudit hal_vibrator_default sysfs:file { read write }; +dontaudit hal_vibrator_default sysfs:file { open }; +dontaudit hal_vibrator_default sysfs:file { read write }; +dontaudit hal_vibrator_default sysfs:file { getattr }; diff --git a/tracking_denials/init.te b/tracking_denials/init.te index 27d6f882..6ecb2c0c 100644 --- a/tracking_denials/init.te +++ b/tracking_denials/init.te @@ -1,3 +1,8 @@ # b/180963348 dontaudit init overlayfs_file:chr_file { unlink }; dontaudit init overlayfs_file:file { rename }; +# b/182954138 +dontaudit init vendor_file:file { execute }; +dontaudit init vendor_file:file { execute }; +dontaudit init sysfs:file { setattr }; +dontaudit init sysfs:file { setattr }; diff --git a/tracking_denials/kernel.te b/tracking_denials/kernel.te new file mode 100644 index 00000000..7d36d7fe --- /dev/null +++ b/tracking_denials/kernel.te @@ -0,0 +1,3 @@ +# b/182954062 +dontaudit kernel kernel:perf_event { cpu }; +dontaudit kernel kernel:perf_event { cpu }; diff --git a/tracking_denials/system_app.te b/tracking_denials/system_app.te new file mode 100644 index 00000000..41c59a5d --- /dev/null +++ b/tracking_denials/system_app.te @@ -0,0 +1,2 @@ +# b/182953824 +dontaudit system_app default_android_service:service_manager { add }; diff --git a/tracking_denials/trusty_apploader.te b/tracking_denials/trusty_apploader.te new file mode 100644 index 00000000..3f6e9ae9 --- /dev/null +++ b/tracking_denials/trusty_apploader.te @@ -0,0 +1,3 @@ +# b/182953825 +dontaudit trusty_apploader trusty_apploader:capability { dac_override }; +dontaudit trusty_apploader trusty_apploader:capability { dac_override }; diff --git a/tracking_denials/vendor_init.te b/tracking_denials/vendor_init.te index 5e1763fd..b30930a8 100644 --- a/tracking_denials/vendor_init.te +++ b/tracking_denials/vendor_init.te @@ -14,3 +14,5 @@ dontaudit vendor_init unlabeled:dir { open }; dontaudit vendor_init unlabeled:dir { read }; dontaudit vendor_init unlabeled:dir { setattr }; dontaudit vendor_init unlabeled:dir { open }; +# b/182954248 +dontaudit vendor_init default_prop:file { read }; diff --git a/whitechapel/vendor/google/genfs_contexts b/whitechapel/vendor/google/genfs_contexts index 11d98a63..0b212f49 100644 --- a/whitechapel/vendor/google/genfs_contexts +++ b/whitechapel/vendor/google/genfs_contexts @@ -138,18 +138,33 @@ genfscon sysfs /devices/system/chip-id/revision u:object_r:sysfs_chip_id: genfscon sysfs /devices/system/chip-id/raw_str u:object_r:sysfs_chip_id:s0 # system_suspend wakeup nodes -genfscon sysfs /devices/platform/10970000.hsi2c/i2c-4/4-003c/power_supply/wireless/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10970000.hsi2c/i2c-4/4-003c/wakeup/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/14520000.pcie/pci0001:00/0001:00:00.0/0001:01:00.0/wakeup/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-5/5-0025/power_supply/tcpm-source-psy-5-0025/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-5/5-0069/power_supply/dc/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-5/5-0025/wakeup/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-5/5-0057/power_supply/pca9468-mains/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10970000.hsi2c/i2c-4/4-0043/wakeup/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-5/5-0025/power_supply/usb/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/14520000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0/wakeup/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/google,cpm/power_supply/gcpm_pps/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/odm/odm:btbcm/wakeup/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10970000.hsi2c/i2c-4/4-003c/power_supply/wireless/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10970000.hsi2c/i2c-4/4-003c/wakeup/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/14520000.pcie/pci0001:00/0001:00:00.0/0001:01:00.0/wakeup/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-5/5-0025/power_supply/tcpm-source-psy-5-0025/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-5/5-0069/power_supply/dc/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-5/5-0025/wakeup/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-5/5-0057/power_supply/pca9468-mains/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10970000.hsi2c/i2c-4/4-0043/wakeup/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-5/5-0025/power_supply/usb/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/14520000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0/wakeup/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/google,cpm/power_supply/gcpm_pps/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/odm/odm:btbcm/wakeup/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/5-003c/wakeup/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-6/6-0025/power_supply/tcpm-source-psy-6-0025/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-8/8-002f/wakeup/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/5-003c/power_supply/wireless/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-7/7-001f/s2mpg10-rtc/rtc/rtc0/alarmtimer.1.auto/wakeup/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-6/6-0025/wakeup/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-6/6-0057/power_supply/pca9468-mains/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-6/6-0025/power_supply/usb/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-6/6-0069/power_supply/dc/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-6/6-0036/power_supply/maxfg/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-7/7-001f/wakeup/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-7/7-001f/s2mpg10-rtc/wakeup/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10960000.hsi2c/i2c-4/4-0008/wakeup/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/5-0043/wakeup/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-6/6-0069/power_supply/main-charger/wakeup u:object_r:sysfs_wakeup:s0 # subsystem-coredump genfscon sysfs /class/sscoredump/level u:object_r:sscoredump_sysfs_level:s0