Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sepolicy: gs101: allows pixelstat to access pca file nodes

Browse source 
07-23 14:24:45.512  1000  3001  3001 I pixelstats-vend: type=1400 audit(0.0:10): avc: denied { open } for path="/sys/devices/platform/10d50000.hsi2c/i2c-5/5-0057/chg_stats" dev="sysfs" ino=72245 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
07-23 14:24:45.512  1000  3001  3001 I pixelstats-vend: type=1400 audit(0.0:11): avc: denied { getattr } for path="/sys/devices/platform/10d50000.hsi2c/i2c-5/5-0057/chg_stats" dev="sysfs" ino=72245 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
07-23 14:24:57.536  1000  3001  3001 I pixelstats-vend: type=1400 audit(0.0:12): avc: denied { read } for name="chg_stats" dev="sysfs" ino=72245 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
07-23 14:24:57.536  1000  3001  3001 I pixelstats-vend: type=1400 audit(0.0:13): avc: denied { open } for path="/sys/devices/platform/10d50000.hsi2c/i2c-5/5-0057/chg_stats" dev="sysfs" ino=72245 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
07-23 14:24:57.536  1000  3001  3001 I pixelstats-vend: type=1400 audit(0.0:14): avc: denied { getattr } for path="/sys/devices/platform/10d50000.hsi2c/i2c-5/5-0057/chg_stats" dev="sysfs" ino=72245 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
07-23 14:24:57.536  1000  3001  3001 I pixelstats-vend: type=1400 audit(0.0:15): avc: denied { write } for name="chg_stats" dev="sysfs" ino=72245 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1

Bug: 194386750
Test: manually test, no avc: denied
Signed-off-by: Jack Wu <wjack@google.com>
Change-Id: I1a16edb5bb7820f62b3ce598aa50eba2d9455927
This commit is contained in:
Jack Wu 2021-07-23 14:28:04 +08:00
parent b3225f0f6c
commit d6c1a50bba
3 changed files with 9 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

3
whitechapel/vendor/google/file.te vendored
View file

@ -124,6 +124,9 @@ type tcpdump_vendor_data_file, file_type, data_file_type, mlstrustedobject;
# Wireless # Wireless
type sysfs_wlc, sysfs_type, fs_type; type sysfs_wlc, sysfs_type, fs_type;
# Pca
type sysfs_pca, sysfs_type, fs_type;
# Camera # Camera
type persist_camera_file, file_type; type persist_camera_file, file_type;
type vendor_camera_tuning_file, vendor_file_type, file_type; type vendor_camera_tuning_file, vendor_file_type, file_type;

2
whitechapel/vendor/google/genfs_contexts vendored
View file

@ -26,6 +26,7 @@ genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/i2c-p9412/power_supply
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/5-0050/eeprom u:object_r:sysfs_batteryinfo:s0 genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/5-0050/eeprom u:object_r:sysfs_batteryinfo:s0
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/5-0061/power_supply u:object_r:sysfs_batteryinfo:s0 genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/5-0061/power_supply u:object_r:sysfs_batteryinfo:s0
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/5-0036/power_supply u:object_r:sysfs_batteryinfo:s0 genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/5-0036/power_supply u:object_r:sysfs_batteryinfo:s0
genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-6/6-0057/chg_stats u:object_r:sysfs_pca:s0
genfscon sysfs /devices/platform/10d30000.spi/spi_master/spi10/spi10.0/uwb/power_stats u:object_r:sysfs_power_stats:s0 genfscon sysfs /devices/platform/10d30000.spi/spi_master/spi10/spi10.0/uwb/power_stats u:object_r:sysfs_power_stats:s0
@ -33,6 +34,7 @@ genfscon sysfs /devices/platform/10d30000.spi/spi_master/spi10/spi10.0/uwb/power
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-4/i2c-p9412 u:object_r:sysfs_wlc:s0 genfscon sysfs /devices/platform/10970000.hsi2c/i2c-4/i2c-p9412 u:object_r:sysfs_wlc:s0
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-4/i2c-p9412/power_supply u:object_r:sysfs_batteryinfo:s0 genfscon sysfs /devices/platform/10970000.hsi2c/i2c-4/i2c-p9412/power_supply u:object_r:sysfs_batteryinfo:s0
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-4/4-0050/eeprom u:object_r:sysfs_batteryinfo:s0 genfscon sysfs /devices/platform/10970000.hsi2c/i2c-4/4-0050/eeprom u:object_r:sysfs_batteryinfo:s0
genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-5/5-0057/chg_stats u:object_r:sysfs_pca:s0
# Storage # Storage
genfscon debugfs /f2fs u:object_r:debugfs_f2fs:s0 genfscon debugfs /f2fs u:object_r:debugfs_f2fs:s0

8
whitechapel/vendor/google/pixelstats_vendor.te vendored
View file

@ -16,19 +16,19 @@ allow pixelstats_vendor fwk_stats_service:service_manager find;
allow pixelstats_vendor sysfs_scsi_devices_0000:file rw_file_perms; allow pixelstats_vendor sysfs_scsi_devices_0000:file rw_file_perms;
allow pixelstats_vendor sysfs_pixelstats:file r_file_perms; allow pixelstats_vendor sysfs_pixelstats:file r_file_perms;
# Wireless charge
allow pixelstats_vendor sysfs_wlc:dir search; allow pixelstats_vendor sysfs_wlc:dir search;
allow pixelstats_vendor sysfs_wlc:file rw_file_perms; allow pixelstats_vendor sysfs_wlc:file rw_file_perms;
# Pca charge
allow pixelstats_vendor sysfs_pca:file rw_file_perms;
# OrientationCollector # OrientationCollector
allow pixelstats_vendor fwk_sensor_hwservice:hwservice_manager find; allow pixelstats_vendor fwk_sensor_hwservice:hwservice_manager find;
# Batery history # Batery history
allow pixelstats_vendor battery_history_device:chr_file r_file_perms; allow pixelstats_vendor battery_history_device:chr_file r_file_perms;
# Wireless charge
allow pixelstats_vendor sysfs_wlc:dir search;
allow pixelstats_vendor sysfs_wlc:file r_file_perms;
# BCL # BCL
allow pixelstats_vendor sysfs_bcl:dir search; allow pixelstats_vendor sysfs_bcl:dir search;
allow pixelstats_vendor sysfs_bcl:file r_file_perms; allow pixelstats_vendor sysfs_bcl:file r_file_perms;