From 6f45c41a7612c0978db78d0cd8281dadd393cdb5 Mon Sep 17 00:00:00 2001 From: Darren Hsu Date: Tue, 13 Sep 2022 10:19:09 +0800 Subject: [PATCH] sepolicy: allow binder call for hal_power_stats and hal_bluetooth avc: denied { call } for comm="bluetooth@1.1-s" scontext=u:r:hal_bluetooth_synabtlinux:s0 tcontext=u:r:hal_power_stats_default:s0 tclass=binder permissive=0 avc: denied { call } for scontext=u:r:hal_bluetooth_synabtlinux:s0 tcontext=u:r:hal_power_stats_default:s0 tclass=binder permissive=1 avc: denied { read } for comm="android.hardwar" name="u:object_r:boot_status_prop:s0" dev="tmpfs" ino=109 scontext=u:r:hal_bluetooth_synabtlinux:s0 tcontext=u:object_r:boot_status_prop:s0 tclass=file permissive=0 Bug: 215487801 , 262386677 Test: captured bugreport and didn't see powerstats avc denials Change-Id: I34840b7f8031084270477635c2bde5d702a0507c Signed-off-by: Darren Hsu (cherry picked from commit ccd9f49f2bfafe83993345558d03ac344db3295a) --- bluetooth/hal_bluetooth_default.te | 2 ++ vendor/hal_power_stats_default.te | 2 ++ 2 files changed, 4 insertions(+) create mode 100644 vendor/hal_power_stats_default.te diff --git a/bluetooth/hal_bluetooth_default.te b/bluetooth/hal_bluetooth_default.te index b8091d9..c764133 100644 --- a/bluetooth/hal_bluetooth_default.te +++ b/bluetooth/hal_bluetooth_default.te @@ -10,6 +10,8 @@ allow hal_bluetooth_synabtlinux hci_attach_dev:chr_file rw_file_perms; allow hal_bluetooth_synabtlinux hal_power_stats_vendor_service:service_manager find; add_hwservice(hal_bluetooth_synabtlinux, hal_bluetooth_coexistence_hwservice) vndbinder_use(hal_bluetooth_synabtlinux) +binder_call(hal_bluetooth_synabtlinux, hal_power_stats_default) +get_prop(hal_bluetooth_synabtlinux, boot_status_prop) allow hal_bluetooth_synabtlinux sscoredump_vendor_data_crashinfo_file:dir create_dir_perms; allow hal_bluetooth_synabtlinux sscoredump_vendor_data_crashinfo_file:file create_file_perms; diff --git a/vendor/hal_power_stats_default.te b/vendor/hal_power_stats_default.te new file mode 100644 index 0000000..a81c9ba --- /dev/null +++ b/vendor/hal_power_stats_default.te @@ -0,0 +1,2 @@ +# getStateResidency AIDL callback for Bluetooth HAL +binder_call(hal_power_stats_default, hal_bluetooth_synabtlinux)