Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

storage: update sepolicy for hardwareinfoservice

Browse source 
avc: denied { search } for name="0:0:0:0" dev="sysfs" ino=57525 scontext=u:r:hardware_info_app:s0:c512,c768 avc: denied { search } for name="health_descriptor" dev="sysfs" ino=57017 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=dir permissive=0 app=com.google.android.hardwareinfo
avc: denied { search } for name="health_descriptor" dev="sysfs" ino=57017 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=dir permissive=0 app=com.google.android.hardwareinfo

avc: denied { read } for name="vpd_pg80" dev="sysfs" ino=57559 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0 app=com.google.android.hardwareinfo
avc: denied { read } for name="model" dev="sysfs" ino=57534 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0 app=com.google.android.hardwareinfo
avc: denied { read } for name="vendor" dev="sysfs" ino=57533 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0 app=com.google.android.hardwareinfo
avc: denied { read } for name="rev" dev="sysfs" ino=57535 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0 app=com.google.android.hardwareinfo
avc: denied { read } for name="eol_info" dev="sysfs" ino=57020 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0 app=com.google.android.hardwareinfo
avc: denied { read } for name="life_time_estimation_a" dev="sysfs" ino=57021 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0 app=com.google.android.hardwareinfo

Bug: 188755652
Test: reboot then check hardwareinfo and avc denined log
Change-Id: Ia03ebdd6b0b46b4c9ace5fbf1fc47a455a55abcb
This commit is contained in:
Ocean Chen 2021-05-24 14:57:33 +08:00
parent 56cbfd5a0a
commit b8aebc85e1
2 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

4
tracking_denials/hardware_info_app.te
View file

@ -1,12 +1,8 @@
# b/181177926 # b/181177926
dontaudit hardware_info_app sysfs_scsi_devices_0000:file { getattr };
dontaudit hardware_info_app sysfs_scsi_devices_0000:file { open };
dontaudit hardware_info_app sysfs_batteryinfo:file { read }; dontaudit hardware_info_app sysfs_batteryinfo:file { read };
dontaudit hardware_info_app sysfs:file { read }; dontaudit hardware_info_app sysfs:file { read };
dontaudit hardware_info_app sysfs:file { open }; dontaudit hardware_info_app sysfs:file { open };
dontaudit hardware_info_app sysfs:file { getattr }; dontaudit hardware_info_app sysfs:file { getattr };
dontaudit hardware_info_app sysfs_scsi_devices_0000:dir { search };
dontaudit hardware_info_app sysfs_scsi_devices_0000:file { read };
dontaudit hardware_info_app sysfs_batteryinfo:dir { search }; dontaudit hardware_info_app sysfs_batteryinfo:dir { search };
# b/181914888 # b/181914888
dontaudit hardware_info_app sysfs_batteryinfo:file { open }; dontaudit hardware_info_app sysfs_batteryinfo:file { open };

4
whitechapel/vendor/google/hardware_info_app.te vendored
View file

@ -11,3 +11,7 @@ allow hardware_info_app sysfs_display:file r_file_perms;
# Audio # Audio
allow hardware_info_app sysfs_pixelstats:dir search; allow hardware_info_app sysfs_pixelstats:dir search;
allow hardware_info_app sysfs_pixelstats:file r_file_perms; allow hardware_info_app sysfs_pixelstats:file r_file_perms;
# Storage
allow hardware_info_app sysfs_scsi_devices_0000:dir search;
allow hardware_info_app sysfs_scsi_devices_0000:file r_file_perms;