Fix selinux errors for rild
03-10 09:33:20.380 849 849 I rild_exynos: type=1400 audit(0.0:11): avc: denied { map } for path="/dev/__properties__/u:object_r:sota_prop:s0" dev="tmpfs" ino=241 scontext=u:r:rild:s0 tcontext=u:object_r:sota_prop:s0 tclass=file permissive=1
03-10 09:33:20.380 849 849 I rild_exynos: type=1400 audit(0.0:10): avc: denied { getattr } for path="/dev/__properties__/u:object_r:sota_prop:s0" dev="tmpfs" ino=241 scontext=u:r:rild:s0 tcontext=u:object_r:sota_prop:s0 tclass=file permissive=1
03-10 09:33:20.380 849 849 I rild_exynos: type=1400 audit(0.0:9): avc: denied { open } for path="/dev/__properties__/u:object_r:sota_prop:s0" dev="tmpfs" ino=241 scontext=u:r:rild:s0 tcontext=u:object_r:sota_prop:s0 tclass=file permissive=1
03-10 09:33:20.380 849 849 I rild_exynos: type=1400 audit(0.0:8): avc: denied { read } for name="u:object_r:sota_prop:s0" dev="tmpfs" ino=241 scontext=u:r:rild:s0 tcontext=u:object_r:sota_prop:s0 tclass=file permissive=1
[ 16.814981] type=1400 audit(1615340000.380:8): avc: denied { read } for comm="rild_exynos" name="u:object_r:sota_prop:s0" dev="tmpfs" ino=241 scontext=u:r:rild:s0 tcontext=u:object_r:sota_prop:s0 tclass=file permissive=1
[ 16.815057] type=1400 audit(1615340000.380:9): avc: denied { open } for comm="rild_exynos" path="/dev/__properties__/u:object_r:sota_prop:s0" dev="tmpfs" ino=241 scontext=u:r:rild:s0 tcontext=u:object_r:sota_prop:s0 tclass=file permissive=1
[ 16.815089] type=1400 audit(1615340000.380:10): avc: denied { getattr } for comm="rild_exynos" path="/dev/__properties__/u:object_r:sota_prop:s0" dev="tmpfs" ino=241 scontext=u:r:rild:s0 tcontext=u:object_r:sota_prop:s0 tclass=file permissive=1
[ 16.815108] type=1400 audit(1615340000.380:11): avc: denied { map } for comm="rild_exynos" path="/dev/__properties__/u:object_r:sota_prop:s0" dev="tmpfs" ino=241 scontext=u:r:rild:s0 tcontext=u:object_r:sota_prop:s0 tclass=file permissive=1
Bug: 182320172
Test: verified with the forrest ROM and error log gone
Change-Id: Ib0300629de5a0186c4f9fd2f603be52aefd085bc
This commit is contained in:
Aaron Tsai
parent
14ff0e6ac5
commit
d135bde241
2 changed files with 1 additions and 9 deletions
|
|
@ -1,9 +0,0 @@
|
||||||
# b/182320172
|
|
||||||
dontaudit rild sota_prop:file { map };
|
|
||||||
dontaudit rild sota_prop:file { getattr };
|
|
||||||
dontaudit rild sota_prop:file { open };
|
|
||||||
dontaudit rild sota_prop:file { read };
|
|
||||||
dontaudit rild sota_prop:file { read };
|
|
||||||
dontaudit rild sota_prop:file { open };
|
|
||||||
dontaudit rild sota_prop:file { getattr };
|
|
||||||
dontaudit rild sota_prop:file { map };
|
|
||||||
1
whitechapel/vendor/google/rild.te
vendored
1
whitechapel/vendor/google/rild.te
vendored
|
|
@ -4,6 +4,7 @@ get_prop(rild, vendor_persist_config_default_prop)
|
||||||
get_prop(rild, vendor_ro_config_default_prop)
|
get_prop(rild, vendor_ro_config_default_prop)
|
||||||
set_prop(rild, vendor_sys_default_prop)
|
set_prop(rild, vendor_sys_default_prop)
|
||||||
|
|
||||||
|
get_prop(rild, sota_prop)
|
||||||
get_prop(rild, system_boot_reason_prop)
|
get_prop(rild, system_boot_reason_prop)
|
||||||
|
|
||||||
allow rild proc_net:file rw_file_perms;
|
allow rild proc_net:file rw_file_perms;
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue