Evolution-X-Tensor/device_google_gs201
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

consolidate display sysfs nodes into one context

Browse source 
Bug: 209890345
Bug: 209705194
Test: check selinux denial info
Signed-off-by: Shiyong Li <shiyongli@google.com>
Change-Id: I208f84caf0cbcd18bb3da8004362e6f996cbaba5
This commit is contained in:
Shiyong Li 2022-01-05 01:31:49 +00:00
parent bec2f8f10d
commit a781d5020b
6 changed files with 8 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

8
tracking_denials/hal_graphics_composer_default.te
View file

@ -27,14 +27,6 @@ dontaudit hal_graphics_composer_default sysfs:file { getattr };
dontaudit hal_graphics_composer_default sysfs:file { open }; dontaudit hal_graphics_composer_default sysfs:file { open };
dontaudit hal_graphics_composer_default sysfs:file { read }; dontaudit hal_graphics_composer_default sysfs:file { read };
dontaudit hal_graphics_composer_default sysfs:file { write }; dontaudit hal_graphics_composer_default sysfs:file { write };
dontaudit hal_graphics_composer_default sysfs_display:file { write };
# b/208721526 # b/208721526
dontaudit hal_graphics_composer_default dumpstate:fd { use }; dontaudit hal_graphics_composer_default dumpstate:fd { use };
dontaudit hal_graphics_composer_default dumpstate:fifo_file { write }; dontaudit hal_graphics_composer_default dumpstate:fifo_file { write };
# b/209705194
dontaudit hal_graphics_composer_default sysfs_sensors:file { getattr };
dontaudit hal_graphics_composer_default sysfs_sensors:file { open };
dontaudit hal_graphics_composer_default sysfs_sensors:file { write };
# b/209890345
dontaudit hal_graphics_composer_default sysfs_display:file { getattr };
dontaudit hal_graphics_composer_default sysfs_display:file { open };

4
tracking_denials/rlsservice.te
View file

@ -23,5 +23,5 @@ dontaudit rlsservice device:dir { watch };
dontaudit rlsservice sysfs:file { open }; dontaudit rlsservice sysfs:file { open };
dontaudit rlsservice sysfs:file { read }; dontaudit rlsservice sysfs:file { read };
# b/209705394 # b/209705394
dontaudit rlsservice sysfs_sensors:file { open }; dontaudit rlsservice sysfs_display:file { open };
dontaudit rlsservice sysfs_sensors:file { read }; dontaudit rlsservice sysfs_display:file { read };

1
whitechapel_pro/file.te
View file

@ -41,7 +41,6 @@ type sysfs_bcmdhd, sysfs_type, fs_type;
type sysfs_wlc, sysfs_type, fs_type; type sysfs_wlc, sysfs_type, fs_type;
type sysfs_chargelevel, sysfs_type, fs_type; type sysfs_chargelevel, sysfs_type, fs_type;
type sysfs_mfc, sysfs_type, fs_type; type sysfs_mfc, sysfs_type, fs_type;
type sysfs_sensors, sysfs_type, fs_type;
# debugfs # debugfs
type debugfs_f2fs, debugfs_type, fs_type; type debugfs_f2fs, debugfs_type, fs_type;

11
whitechapel_pro/genfs_contexts
View file

@ -60,6 +60,10 @@ genfscon sysfs /devices/platform/14700000.ufs/pixel/boot_lun_enabled u
# Display # Display
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/gamma u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/gamma u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/backlight/panel0-backlight/als_table u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/backlight/panel0-backlight/brightness u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/backlight/panel0-backlight/local_hbm_mode u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/backlight/panel0-backlight/state u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/hs_clock u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/1c2c0000.drmdsim/hs_clock u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c240000.drmdecon/early_wakeup u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/1c240000.drmdecon/early_wakeup u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c242000.drmdecon/early_wakeup u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/1c242000.drmdecon/early_wakeup u:object_r:sysfs_display:s0
@ -149,10 +153,3 @@ genfscon sysfs /devices/platform/acpm_mfd_bus@18100000/i2c-7/i2c-s2mpg12mfd/s2mp
#SecureElement #SecureElement
genfscon sysfs /devices/platform/181c0000.spi/spi_master/spi17/spi17.0/st33spi u:object_r:sysfs_st33spi:s0 genfscon sysfs /devices/platform/181c0000.spi/spi_master/spi17/spi17.0/st33spi u:object_r:sysfs_st33spi:s0
# Sensors HAL
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/backlight/panel0-backlight/als_table u:object_r:sysfs_sensors:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/backlight/panel0-backlight/brightness u:object_r:sysfs_sensors:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/backlight/panel0-backlight/local_hbm_mode u:object_r:sysfs_sensors:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/backlight/panel0-backlight/state u:object_r:sysfs_sensors:s0

2
whitechapel_pro/hal_power_stats_default.te
View file

@ -2,4 +2,4 @@ allow hal_power_stats_default sysfs_scsi_devices_0000:dir r_dir_perms;
allow hal_power_stats_default sysfs_scsi_devices_0000:file r_file_perms; allow hal_power_stats_default sysfs_scsi_devices_0000:file r_file_perms;
# allowed to access dislay stats sysfs node # allowed to access dislay stats sysfs node
allow hal_power_stats_default sysfs_sensors:file r_file_perms; allow hal_power_stats_default sysfs_display:file r_file_perms;

2
whitechapel_pro/hal_sensors_default.te
View file

@ -26,7 +26,7 @@ allow hal_sensors_default persist_sensor_reg_file:file r_file_perms;
allow hal_sensors_default sensor_reg_data_file:dir r_dir_perms; allow hal_sensors_default sensor_reg_data_file:dir r_dir_perms;
# Allow access to the display info for ALS. # Allow access to the display info for ALS.
allow hal_sensors_default sysfs_sensors:file rw_file_perms; allow hal_sensors_default sysfs_display:file rw_file_perms;
# Allow access to the AoC clock and kernel boot time sys FS node. This is needed # Allow access to the AoC clock and kernel boot time sys FS node. This is needed
# to synchronize the AP and AoC clock timestamps. # to synchronize the AP and AoC clock timestamps.