Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
device_google_gs101/whitechapel/vendor/google/trusty_apploader.te
Kris Chen 5c76e0c1f3 trusty_apploader: Fix avc errors 
Fix the following avc denials:
trusty_apploade: type=1400 audit(0.0:3): avc: denied { read } for name="system" dev="tmpfs" ino=713 scontext=u:r:trusty_apploader:s0 tcontext=u:object_r:dmabuf_system_heap_device:s0 tclass=chr_file permissive=1
trusty_apploade: type=1400 audit(0.0:4): avc: denied { open } for path="/dev/dma_heap/system" dev="tmpfs" ino=713 scontext=u:r:trusty_apploader:s0 tcontext=u:object_r:dmabuf_system_heap_device:s0 tclass=chr_file permissive=1
trusty_apploade: type=1400 audit(0.0:5): avc: denied { ioctl } for path="/dev/dma_heap/system" dev="tmpfs" ino=713 ioctlcmd=0x4800 scontext=u:r:trusty_apploader:s0 tcontext=u:object_r:dmabuf_system_heap_device:s0 tclass=chr_file permissive=1

Bug: 180874342
Test: Verify no avc denied when trusty app is loaded.
Change-Id: Idbd850580220a1cb85a221d769d741f63cd8751f
2021-03-08 16:42:27 +08:00

7 lines
324 B
Text
Raw Blame History

type trusty_apploader, domain;
type trusty_apploader_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(trusty_apploader)
allow trusty_apploader ion_device:chr_file r_file_perms;
allow trusty_apploader tee_device:chr_file rw_file_perms;
allow trusty_apploader dmabuf_system_heap_device:chr_file r_file_perms;
Reference in a new issue View git blame Copy permalink