sepolicy: fix avc denial
fix avc denial Test: bott passed and no avc log after boot Bug: 260769063 Bug: 261105028 Bug: 260366126 Bug: 261650934 Bug: 262178497 Bug: 262315567 Bug: 262633072 Change-Id: I926d535fe6871726b5cd0602e436f6b5a3a9e736 Signed-off-by: Chungkai Mei <chungkai@google.com>
This commit is contained in:
Chungkai Mei
parent
3b97d74811
commit
171bfb004b
5 changed files with 20 additions and 37 deletions
|
|
@ -1,36 +0,0 @@
|
|||
# b/260366126
|
||||
dontaudit hal_power_default sysfs:file { open };
|
||||
dontaudit hal_power_default sysfs:file { write };
|
||||
dontaudit hal_power_default sysfs_camera:file { open };
|
||||
dontaudit hal_power_default sysfs_camera:file { write };
|
||||
dontaudit hal_power_default sysfs_display:file { open };
|
||||
dontaudit hal_power_default sysfs_display:file { write };
|
||||
dontaudit hal_power_default sysfs_fabric:file { open };
|
||||
dontaudit hal_power_default sysfs_fabric:file { write };
|
||||
dontaudit hal_power_default vendor_camera_prop:property_service { set };
|
||||
# b/260769063
|
||||
dontaudit hal_power_default hal_graphics_composer_default:binder { transfer };
|
||||
# b/261105028
|
||||
dontaudit hal_power_default hal_fingerprint_default:binder { transfer };
|
||||
# b/261650934
|
||||
dontaudit hal_power_default hal_camera_default:binder { transfer };
|
||||
# b/262178497
|
||||
dontaudit hal_power_default sysfs_fabric:file { read };
|
||||
# b/262315567
|
||||
dontaudit hal_power_default sysfs:file { getattr };
|
||||
dontaudit hal_power_default sysfs:file { read };
|
||||
dontaudit hal_power_default sysfs_display:file { getattr };
|
||||
dontaudit hal_power_default sysfs_display:file { read };
|
||||
dontaudit hal_power_default sysfs_fabric:file { getattr };
|
||||
# b/262633072
|
||||
dontaudit hal_power_default hal_power_default:capability { dac_read_search };
|
||||
dontaudit hal_power_default sysfs_camera:file { getattr };
|
||||
dontaudit hal_power_default sysfs_camera:file { read };
|
||||
dontaudit hal_power_default vendor_camera_prop:file { getattr };
|
||||
dontaudit hal_power_default vendor_camera_prop:file { map };
|
||||
dontaudit hal_power_default vendor_camera_prop:file { open };
|
||||
dontaudit hal_power_default vendor_camera_prop:file { read };
|
||||
# b/264489779
|
||||
userdebug_or_eng(`
|
||||
permissive hal_power_default;
|
||||
')
|
||||
Loading…
Add table
Add a link
Reference in a new issue