Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sepolicy: allow kernel to search vendor debugfs

Browse source 
audit: type=1400 audit(1710259012.824:4): avc:  denied  { search } for  pid=128 comm="kworker/3:1" name="max77779fg" dev="debugfs" ino=24204 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_maxfg_debugfs:s0 tclass=dir permissive=0
audit: type=1400 audit(1710427790.680:2): avc:  denied  { search } for  pid=10 comm="kworker/u16:1" name="gvotables" dev="debugfs" ino=10582 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_votable_debugfs:s0 tclass=dir permissive=1
audit: type=1400 audit(1710427790.680:3): avc:  denied  { search } for  pid=211 comm="kworker/u16:4" name="google_charger" dev="debugfs" ino=16673 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_charger_debugfs:s0 tclass=dir permissive=1

Bug: 328016570
Bug: 329317898
Test: check all debugfs folders are correctly mounted
Change-Id: I0e0c2fee4d508cc4e76714df0efbe5eca7ca5966
Signed-off-by: Spade Lee <spadelee@google.com>
This commit is contained in:
Spade Lee 2024-03-19 07:52:45 +00:00
parent 28e6526f84
commit 0ac2d9f7bc
1 changed files with 6 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

15
vendor/kernel.te vendored
View file

@ -8,19 +8,16 @@ allow kernel per_boot_file:file r_file_perms;
allow kernel self:capability2 perfmon; allow kernel self:capability2 perfmon;
allow kernel self:perf_event cpu; allow kernel self:perf_event cpu;
no_debugfs_restriction(` userdebug_or_eng(`
allow kernel vendor_battery_debugfs:dir search; allow kernel vendor_battery_debugfs:dir search;
allow kernel vendor_regmap_debugfs:dir search;
allow kernel vendor_usb_debugfs:dir search;
allow kernel vendor_votable_debugfs:dir search;
allow kernel vendor_charger_debugfs:dir search;
allow kernel vendor_maxfg_debugfs:dir search;
') ')
dontaudit kernel vendor_maxfg_debugfs:dir search;
dontaudit kernel sepolicy_file:file getattr; dontaudit kernel sepolicy_file:file getattr;
dontaudit kernel system_bootstrap_lib_file:dir getattr; dontaudit kernel system_bootstrap_lib_file:dir getattr;
dontaudit kernel system_bootstrap_lib_file:file getattr; dontaudit kernel system_bootstrap_lib_file:file getattr;
dontaudit kernel system_dlkm_file:dir getattr; dontaudit kernel system_dlkm_file:dir getattr;
dontaudit kernel vendor_battery_debugfs:dir search;
dontaudit kernel vendor_charger_debugfs:dir search;
dontaudit kernel vendor_votable_debugfs:dir search;
dontaudit kernel vendor_usb_debugfs:dir search;
allow kernel vendor_regmap_debugfs:dir search;