sepolicy: allow dumpstate to execute dump_power
10-04 19:36:47.308 7141 7141 I android.hardwar: type=1400 audit(0.0:6974): avc: denied { execute_no_trans } for path="/vendor/bin/dump/dump_power" dev="overlay" ino=91 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:vendor_file:s0 tclass=file permissive=1
10-04 19:36:47.332 7141 7141 I dump_power: type=1400 audit(0.0:6975): avc: denied { read } for name="acpm_stats" dev="sysfs" ino=29227 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-04 19:36:47.332 7141 7141 I dump_power: type=1400 audit(0.0:6976): avc: denied { open } for path="/sys/devices/platform/acpm_stats" dev="sysfs" ino=29227 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-04 19:36:47.332 7141 7141 I dump_power: type=1400 audit(0.0:6977): avc: denied { search } for name="acpm_stats" dev="sysfs" ino=29227 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-04 19:36:47.332 7141 7141 I dump_power: type=1400 audit(0.0:6978): avc: denied { read } for name="core_stats" dev="sysfs" ino=57472 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-04 19:36:47.332 7141 7141 I dump_power: type=1400 audit(0.0:6979): avc: denied { open } for path="/sys/devices/platform/acpm_stats/core_stats" dev="sysfs" ino=57472 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-04 19:36:47.332 7141 7141 I dump_power: type=1400 audit(0.0:6980): avc: denied { getattr } for path="/sys/devices/platform/acpm_stats/core_stats" dev="sysfs" ino=57472 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-04 19:36:47.336 7141 7141 I dump_power: type=1400 audit(0.0:6981): avc: denied { read } for name="time_in_state" dev="sysfs" ino=50604 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_cpu:s0 tclass=file permissive=1
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:25): avc: denied { read } for name="version" dev="sysfs" ino=62887 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:26): avc: denied { read } for name="version" dev="sysfs" ino=62887 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:27): avc: denied { read } for name="status" dev="sysfs" ino=62888 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:28): avc: denied { read } for name="status" dev="sysfs" ino=62888 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:29): avc: denied { read } for name="fw_rev" dev="sysfs" ino=62915 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:30): avc: denied { read } for name="fw_rev" dev="sysfs" ino=62915 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:46:57.664 7194 7194 W dump_power: type=1400 audit(0.0:29): avc: denied { search } for name="battery" dev="sysfs" ino=63428 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:46:57.664 7194 7194 W dump_power: type=1400 audit(0.0:30): avc: denied { search } for name="10d50000.hsi2c" dev="sysfs" ino=21301 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:46:57.664 7194 7194 W dump_power: type=1400 audit(0.0:31): avc: denied { search } for name="power_supply" dev="sysfs" ino=79013 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:46:57.664 7194 7194 W dump_power: type=1400 audit(0.0:32): avc: denied { search } for name="power_supply" dev="sysfs" ino=79013 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:46:57.664 7194 7194 W dump_power: type=1400 audit(0.0:33): avc: denied { search } for name="10d50000.hsi2c" dev="sysfs" ino=21301 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:51:18.168 14936 14936 I dump_power: type=1400 audit(0.0:18792): avc: denied { search } for name="battery" dev="sysfs" ino=63428 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=1
10-04 21:51:18.168 14936 14936 I dump_power: type=1400 audit(0.0:18793): avc: denied { read } for name="uevent" dev="sysfs" ino=63429 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
10-04 21:51:18.168 14936 14936 I dump_power: type=1400 audit(0.0:18794): avc: denied { open } for path="/sys/devices/platform/google,battery/power_supply/battery/uevent" dev="sysfs" ino=63429 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
10-04 21:51:18.168 14936 14936 I dump_power: type=1400 audit(0.0:18795): avc: denied { getattr } for path="/sys/devices/platform/google,battery/power_supply/battery/uevent" dev="sysfs" ino=63429 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
10-04 21:51:18.184 14936 14936 I dump_power: type=1400 audit(0.0:18796): avc: denied { search } for name="8-003c" dev="sysfs" ino=55942 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=dir permissive=1
10-04 21:51:18.184 14936 14936 I dump_power: type=1400 audit(0.0:18797): avc: denied { read } for name="maxfg" dev="sysfs" ino=62568 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=1
10-04 21:51:18.184 14936 14936 I dump_power: type=1400 audit(0.0:18798): avc: denied { read } for name="logbuffer_tcpm" dev="tmpfs" ino=1285 scontext=u:r:dump_power:s0 tcontext=u:object_r:logbuffer_device:s0 tclass=chr_file permissive=1
10-04 21:51:18.184 14936 14936 I dump_power: type=1400 audit(0.0:18799): avc: denied { open } for path="/dev/logbuffer_tcpm" dev="tmpfs" ino=1285 scontext=u:r:dump_power:s0 tcontext=u:object_r:logbuffer_device:s0 tclass=chr_file permissive=1
10-04 22:01:08.400 7074 7074 I dump_power: type=1400 audit(0.0:6191): avc: denied { search } for name="mitigation" dev="dm-50" ino=3758 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=dir permissive=1
10-04 22:01:08.400 7074 7074 I dump_power: type=1400 audit(0.0:6192): avc: denied { read } for name="thismeal.txt" dev="dm-50" ino=28765 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 22:01:08.400 7074 7074 I dump_power: type=1400 audit(0.0:6193): avc: denied { open } for path="/data/vendor/mitigation/thismeal.txt" dev="dm-50" ino=28765 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 22:01:08.400 7074 7074 I dump_power: type=1400 audit(0.0:6194): avc: denied { getattr } for path="/data/vendor/mitigation/thismeal.txt" dev="dm-50" ino=28765 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 22:01:08.400 7074 7074 I dump_power: type=1400 audit(0.0:6195): avc: denied { search } for name="mitigation" dev="sysfs" ino=85222 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_bcl:s0 tclass=dir permissive=1
10-04 22:01:08.400 7074 7074 I dump_power: type=1400 audit(0.0:6196): avc: denied { read } for name="last_triggered_count" dev="sysfs" ino=85275 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_bcl:s0 tclass=dir permissive=1
10-04 22:01:08.400 7074 7074 I dump_power: type=1400 audit(0.0:6197): avc: denied { open } for path="/sys/devices/virtual/pmic/mitigation/last_triggered_count" dev="sysfs" ino=85275 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_bcl:s0 tclass=dir permissive=1
10-04 22:01:08.400 7074 7074 I dump_power: type=1400 audit(0.0:6198): avc: denied { read } for name="batoilo_count" dev="sysfs" ino=85287 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_bcl:s0 tclass=file permissive=1
10-04 23:49:14.616 6976 6976 I dump_power: type=1400 audit(0.0:875): avc: denied { read } for name="thismeal.txt" dev="dm-57" ino=15028 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 23:49:14.616 6976 6976 I dump_power: type=1400 audit(0.0:876): avc: denied { open } for path="/data/vendor/mitigation/thismeal.txt" dev="dm-57" ino=15028 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 23:49:14.616 6976 6976 I dump_power: type=1400 audit(0.0:877): avc: denied { getattr } for path="/data/vendor/mitigation/thismeal.txt" dev="dm-57" ino=15028 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-05 00:00:44.540 7085 7085 I dump_power: type=1400 audit(0.0:878): avc: denied { read } for name="acpm_stats" dev="sysfs" ino=25439 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-05 00:00:44.540 7085 7085 I dump_power: type=1400 audit(0.0:879): avc: denied { open } for path="/sys/devices/platform/acpm_stats" dev="sysfs" ino=25439 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-05 00:00:44.540 7085 7085 I dump_power: type=1400 audit(0.0:880): avc: denied { search } for name="acpm_stats" dev="sysfs" ino=25439 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-05 00:00:44.544 7085 7085 I dump_power: type=1400 audit(0.0:881): avc: denied { read } for name="core_stats" dev="sysfs" ino=53039 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-05 00:00:44.544 7085 7085 I dump_power: type=1400 audit(0.0:882): avc: denied { open } for path="/sys/devices/platform/acpm_stats/core_stats" dev="sysfs" ino=53039 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-05 00:00:44.544 7085 7085 I dump_power: type=1400 audit(0.0:883): avc: denied { getattr } for path="/sys/devices/platform/acpm_stats/core_stats" dev="sysfs" ino=53039 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-05 00:00:44.544 7085 7085 I dump_power: type=1400 audit(0.0:884): avc: denied { read } for name="time_in_state" dev="sysfs" ino=45585 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_cpu:s0 tclass=file permissive=1
10-05 00:00:44.544 7085 7085 I dump_power: type=1400 audit(0.0:885): avc: denied { open } for path="/sys/devices/platform/cpupm/cpupm/time_in_state" dev="sysfs" ino=45585 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_cpu:s0 tclass=file permissive=1
Flag: EXEMPT refactor
Bug: 364989823
Signed-off-by: samou <samou@google.com>
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:315cc63557dfd4367f8aed06858531b21b9ee073)
Merged-In: Ie4637b1295975c716f50333ad6635b9694a624b8
Change-Id: Ie4637b1295975c716f50333ad6635b9694a624b8
This commit is contained in:
samou
Android Build Coastguard Worker
parent
db20648f4a
commit
3f3827410c
2 changed files with 16 additions and 0 deletions
15
whitechapel_pro/dump_power.te
Normal file
15
whitechapel_pro/dump_power.te
Normal file
|
|
@ -0,0 +1,15 @@
|
|||
# Allow dumpstate to execute dump_power
|
||||
pixel_bugreport(dump_power);
|
||||
|
||||
allow dump_power sysfs_acpm_stats:dir r_dir_perms;
|
||||
allow dump_power sysfs_acpm_stats:file r_file_perms;
|
||||
allow dump_power sysfs_cpu:file r_file_perms;
|
||||
allow dump_power sysfs_wlc:file r_file_perms;
|
||||
allow dump_power sysfs_wlc:dir search;
|
||||
allow dump_power sysfs_batteryinfo:dir r_dir_perms;
|
||||
allow dump_power sysfs_batteryinfo:file r_file_perms;
|
||||
allow dump_power logbuffer_device:chr_file r_file_perms;
|
||||
allow dump_power mitigation_vendor_data_file:dir r_dir_perms;
|
||||
allow dump_power mitigation_vendor_data_file:file r_file_perms;
|
||||
allow dump_power sysfs_bcl:dir r_dir_perms;
|
||||
allow dump_power sysfs_bcl:file r_file_perms;
|
||||
|
|
@ -15,6 +15,7 @@
|
|||
/vendor/bin/trusty_apploader u:object_r:trusty_apploader_exec:s0
|
||||
/vendor/bin/trusty_metricsd u:object_r:trusty_metricsd_exec:s0
|
||||
/vendor/bin/dumpsys u:object_r:vendor_dumpsys:s0
|
||||
/vendor/bin/dump/dump_power u:object_r:dump_power_exec:s0
|
||||
/vendor/bin/init\.uwb\.calib\.sh u:object_r:vendor_uwb_init_exec:s0
|
||||
/vendor/bin/hw/android\.hardware\.gatekeeper@1\.0-service\.trusty u:object_r:hal_gatekeeper_default_exec:s0
|
||||
/vendor/bin/hw/android\.hardware\.gatekeeper-service\.trusty u:object_r:hal_gatekeeper_default_exec:s0
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue