Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge "Fix SELinux errors with aocd" into sc-dev

Browse source
This commit is contained in:
Craig Dooley 2021-04-08 17:27:56 +00:00 committed by Android (Google) Code Review
commit cd888e847f
6 changed files with 16 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

8
tracking_denials/aocd.te
View file

@ -1,8 +0,0 @@
# b/171267323
dontaudit aocd device:dir r_dir_perms;
# b/182218891
dontaudit aocd property_socket:sock_file { write };
dontaudit aocd init:unix_stream_socket { connectto };
dontaudit aocd vendor_default_prop:property_service { set };
dontaudit aocd property_socket:sock_file { write };
dontaudit aocd init:unix_stream_socket { connectto };

7
whitechapel/vendor/google/aocd.te vendored
View file

@ -5,6 +5,7 @@ init_daemon_domain(aocd)
# access persist files # access persist files
allow aocd mnt_vendor_file:dir search; allow aocd mnt_vendor_file:dir search;
allow aocd persist_file:dir search; allow aocd persist_file:dir search;
r_dir_file(aocd, persist_aoc_file);
# sysfs operations # sysfs operations
allow aocd sysfs_aoc:dir search; allow aocd sysfs_aoc:dir search;
@ -12,3 +13,9 @@ allow aocd sysfs_aoc_firmware:file w_file_perms;
# dev operations # dev operations
allow aocd aoc_device:chr_file r_file_perms; allow aocd aoc_device:chr_file r_file_perms;
# allow inotify to watch for additions/removals from /dev
allow aocd device:dir r_dir_perms;
# set properties
set_prop(aocd, vendor_aoc_prop)

1
whitechapel/vendor/google/file.te vendored
View file

@ -97,6 +97,7 @@ type sysfs_aoc, sysfs_type, fs_type;
# Audio # Audio
type persist_audio_file, file_type, vendor_persist_type; type persist_audio_file, file_type, vendor_persist_type;
type persist_aoc_file, file_type, vendor_persist_type;
type audio_vendor_data_file, file_type, data_file_type; type audio_vendor_data_file, file_type, data_file_type;
type aoc_audio_file, file_type, vendor_file_type; type aoc_audio_file, file_type, vendor_file_type;

1
whitechapel/vendor/google/file_contexts vendored
View file

@ -291,6 +291,7 @@
/dev/ttySAC16 u:object_r:hci_attach_dev:s0 /dev/ttySAC16 u:object_r:hci_attach_dev:s0
# Audio # Audio
/mnt/vendor/persist/aoc(/.*)? u:object_r:persist_aoc_file:s0
/mnt/vendor/persist/audio(/.*)? u:object_r:persist_audio_file:s0 /mnt/vendor/persist/audio(/.*)? u:object_r:persist_audio_file:s0
/data/vendor/audio(/.*)? u:object_r:audio_vendor_data_file:s0 /data/vendor/audio(/.*)? u:object_r:audio_vendor_data_file:s0
/vendor/etc/aoc(/.*)? u:object_r:aoc_audio_file:s0 /vendor/etc/aoc(/.*)? u:object_r:aoc_audio_file:s0

3
whitechapel/vendor/google/property.te vendored
View file

@ -33,6 +33,9 @@ system_public_prop(vendor_edgetpu_service_prop)
# Battery defender # Battery defender
vendor_internal_prop(vendor_battery_defender_prop) vendor_internal_prop(vendor_battery_defender_prop)
# AoC
vendor_internal_prop(vendor_aoc_prop)
# NFC # NFC
vendor_internal_prop(vendor_nfc_prop) vendor_internal_prop(vendor_nfc_prop)

3
whitechapel/vendor/google/property_contexts vendored
View file

@ -96,6 +96,9 @@ persist.vendor.nfc. u:object_r:vendor_nfc_prop:s0
# Battery # Battery
vendor.battery.defender. u:object_r:vendor_battery_defender_prop:s0 vendor.battery.defender. u:object_r:vendor_battery_defender_prop:s0
# AoC
vendor.aoc.firmware.version u:object_r:vendor_aoc_prop:s0
# WiFi # WiFi
vendor.wlan.driver.version u:object_r:vendor_wifi_version:s0 vendor.wlan.driver.version u:object_r:vendor_wifi_version:s0
vendor.wlan.firmware.version u:object_r:vendor_wifi_version:s0 vendor.wlan.firmware.version u:object_r:vendor_wifi_version:s0