From b958dd13ad83f5d278dcb094f9e4a9daaed5a7f4 Mon Sep 17 00:00:00 2001 From: Xiaofan Jiang Date: Wed, 14 Aug 2024 00:34:31 +0000 Subject: [PATCH 1/4] gs201: update shared_modem_platform sepolicy for UMI Bug: 357139752 Flag: EXEMPT sepolicy [ 68.189198] type=1400 audit(1722986580.568:59): avc: denied { unlink } for comm="binder:892_2" name="modem_svc_socket" dev="dm-52" ino=20239 scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=sock_file permissive=1 [ 68.189448] type=1400 audit(1722986580.568:60): avc: denied { create } for comm="binder:892_2" name="modem_svc_socket" scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=sock_file permissive=1 Change-Id: I0bbef83a3915e4c0e284296bc5b59e0ce6cf6f15 --- whitechapel_pro/modem_svc_sit.te | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/whitechapel_pro/modem_svc_sit.te b/whitechapel_pro/modem_svc_sit.te index 5a703c9e..606cd520 100644 --- a/whitechapel_pro/modem_svc_sit.te +++ b/whitechapel_pro/modem_svc_sit.te @@ -48,4 +48,9 @@ perfetto_producer(modem_svc_sit) # Allow modem_svc_sit to access modem image file/dir allow modem_svc_sit modem_img_file:dir r_dir_perms; allow modem_svc_sit modem_img_file:file r_file_perms; -allow modem_svc_sit modem_img_file:lnk_file r_file_perms; \ No newline at end of file +allow modem_svc_sit modem_img_file:lnk_file r_file_perms; + +# Allow modem_svc_sit to access socket for UMI +userdebug_or_eng(` + allow modem_svc_sit radio_vendor_data_file:sock_file { create unlink }; +') From 84725d0c7ac050c9c6e667b8dd0c0e93cb32f7c5 Mon Sep 17 00:00:00 2001 From: Wilson Sung Date: Thu, 15 Aug 2024 08:53:22 +0000 Subject: [PATCH 2/4] Update SELinux error Test: SELinuxUncheckedDenialBootTest Bug: 360057889 Test: scanBugreport Bug: 359428317 Test: scanAvcDeniedLogRightAfterReboot Bug: 359428317 Flag: EXEMPT bugFix Change-Id: I9d573610f24054bd6ea8bb3307d0102da077dc55 --- tracking_denials/bug_map | 1 + 1 file changed, 1 insertion(+) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index 92419c05..58f57c8e 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -3,6 +3,7 @@ dumpstate unlabeled file b/350832009 hal_face_default traced_producer_socket sock_file b/305600808 hal_power_default hal_power_default capability b/237492146 hal_sensors_default sysfs file b/336451433 +hal_vibrator_default default_android_service service_manager b/360057889 incidentd debugfs_wakeup_sources file b/282626428 incidentd incidentd anon_inode b/282626428 insmod-sh insmod-sh key b/336451874 From 0eae05186f1ea18a9ea2218a6aaec1134ea7df3c Mon Sep 17 00:00:00 2001 From: Wilson Sung Date: Thu, 15 Aug 2024 08:30:36 +0000 Subject: [PATCH 3/4] Update SELinux error Test: SELinuxUncheckedDenialBootTest Bug: 360057889 Test: scanBugreport Bug: 359428317 Test: scanAvcDeniedLogRightAfterReboot Bug: 359428317 Flag: EXEMPT bugFix Change-Id: Iaec87b719446dbef5dc3d8d8d563cf3f47a2a584 From 4f8e79e4e5846225f04027bfb978b22faf6d6844 Mon Sep 17 00:00:00 2001 From: Wilson Sung Date: Thu, 15 Aug 2024 08:32:44 +0000 Subject: [PATCH 4/4] Update SELinux error Test: SELinuxUncheckedDenialBootTest Bug: 360057889 Test: scanBugreport Bug: 359428317 Test: scanAvcDeniedLogRightAfterReboot Bug: 359428317 Flag: EXEMPT bugFix Change-Id: I3d4a7bfbaab36136fbde6bbd56239e43cc9b012d