Evolution-X-Tensor/device_google_gs201
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
device_google_gs201/whitechapel_pro/rild.te
Jinting Lin 94d7f6cce6 Fix avc denied for slsi engineermode app 
log:
avc: denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:platform_app:s0:c512,c768 pid=5111 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=0
avc: denied { call } for comm="si.engineermode" scontext=u:r:platform_app:s0:c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=0 app=com.samsung.slsi.engineermode
avc: denied { call } for comm="HwBinder:1016_1" scontext=u:r:rild:s0 tcontext=u:r:platform_app:s0:c512,c768 tclass=binder permissive=0
avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=154 scontext=u:r:vendor_engineermode_app:s0:c225,c256,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0 app=com.samsung.slsi.engineermode

Test: side load the trail build sepolicy, then check the app

Bug: 221482792
Change-Id: I84768ed128a2b8c57d6a3e0a0f0aa8c4d4b91857
2022-03-03 01:01:08 +00:00

37 lines
1.2 KiB
Text
Raw Blame History

set_prop(rild, vendor_rild_prop)
set_prop(rild, vendor_modem_prop)
get_prop(rild, vendor_persist_config_default_prop)
get_prop(rild, vendor_carrier_prop)
get_prop(rild, sota_prop)
get_prop(rild, system_boot_reason_prop)
allow rild proc_net:file rw_file_perms;
allow rild radio_vendor_data_file:dir create_dir_perms;
allow rild radio_vendor_data_file:file create_file_perms;
allow rild rild_vendor_data_file:dir create_dir_perms;
allow rild rild_vendor_data_file:file create_file_perms;
allow rild vendor_fw_file:file r_file_perms;
allow rild mnt_vendor_file:dir r_dir_perms;
r_dir_file(rild, modem_img_file)
binder_call(rild, bipchmgr)
binder_call(rild, gpsd)
binder_call(rild, hal_audio_default)
binder_call(rild, modem_svc_sit)
binder_call(rild, vendor_ims_app)
binder_call(rild, vendor_rcs_app)
binder_call(rild, oemrilservice_app)
binder_call(rild, hal_secure_element_uicc)
binder_call(rild, grilservice_app)
binder_call(rild, vendor_engineermode_app)
# for hal service
add_hwservice(rild, hal_exynos_rild_hwservice)
allow rild hal_audio_ext_hwservice:hwservice_manager find;
# Allow rild to access files on modem img.
allow rild modem_img_file:dir r_dir_perms;
allow rild modem_img_file:file r_file_perms;
allow rild modem_img_file:lnk_file r_file_perms;
Reference in a new issue View git blame Copy permalink