From 1e88b530fa7b45d707e34a8743a5ab07d2521eed Mon Sep 17 00:00:00 2001 From: Adam Shih Date: Wed, 6 Apr 2022 09:41:31 +0800 Subject: [PATCH] let sensor access aoc 04-03 05:57:12.776 859 859 I auditd : type=1400 audit(0.0:7): avc: denied { read } for comm="UsfHalWorker" name="services" dev="sysfs" ino=69355 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_aoc_dumpstate:s0 tclass=file permissive=0 04-03 05:57:12.776 859 859 I auditd : type=1400 audit(0.0:8): avc: denied { write } for comm="UsfHalWorker" name="reset" dev="sysfs" ino=69363 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_aoc_reset:s0 tclass=file permissive=0 Bug: 228030183 Bug: 228030193 Test: boot with no relevant errors Change-Id: I87fd1aa1dc9b9cf42b23fb0e7f5d4e5b6f845610 --- whitechapel_pro/hal_sensors_default.te | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/whitechapel_pro/hal_sensors_default.te b/whitechapel_pro/hal_sensors_default.te index 65f2db8a..b33741e5 100644 --- a/whitechapel_pro/hal_sensors_default.te +++ b/whitechapel_pro/hal_sensors_default.te @@ -48,6 +48,12 @@ allow hal_sensors_default sysfs_chosen:file r_file_perms; # Allow access to sensor service for sensor_listener. binder_call(hal_sensors_default, system_server); +# Allow sensor HAL to reset AOC. +allow hal_sensors_default sysfs_aoc_reset:file rw_file_perms; + +# Allow sensor HAL to read AoC dumpstate. +allow hal_sensors_default sysfs_aoc_dumpstate:file r_file_perms; + # Allow sensor HAL to access the display service HAL allow hal_sensors_default hal_pixel_display_service:service_manager find;