From 5df8045c3bf0c76041584ad36c9388575ea2784f Mon Sep 17 00:00:00 2001 From: chiayupei Date: Mon, 14 Nov 2022 08:42:46 +0000 Subject: [PATCH] hal_sensors_default: Add sepolicy for MagCC. avc: denied { search } for name="battery" dev="sysfs" ino=78703 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=1 avc: denied { read } for name="status" dev="sysfs" ino=78714 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1 avc: denied { open } for path="/sys/devices/platform/google,battery/power_supply/battery/status" dev="sysfs" ino=78714 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1 avc: denied { getattr } for path="/sys/devices/platform/google,battery/power_supply/battery/status" dev="sysfs" ino=78714 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1 avc: denied { read } for name="status" dev="sysfs" ino=78714 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1 avc: denied { search } for name="i2c-p9222" dev="sysfs" ino=69679 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=dir permissive=1 Bug: 254155730 Test: Manually test no avc denied for MagCC Change-Id: Ie5261b39187ffcdf645ae64727c54643bdbc1c47 Signed-off-by: chiayupei --- whitechapel_pro/hal_sensors_default.te | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/whitechapel_pro/hal_sensors_default.te b/whitechapel_pro/hal_sensors_default.te index bb3a9139..fcd758a4 100644 --- a/whitechapel_pro/hal_sensors_default.te +++ b/whitechapel_pro/hal_sensors_default.te @@ -81,3 +81,8 @@ binder_call(hal_sensors_default, hal_graphics_composer_default); # Allow display_info_service access to the backlight driver. allow hal_sensors_default sysfs_write_leds:file rw_file_perms; + +# Allow access to the power supply files for MagCC. +r_dir_file(hal_sensors_default, sysfs_batteryinfo) +allow hal_sensors_default sysfs_wlc:dir r_dir_perms; +