From 28cc58257fedf850a2f2cbae7cfbf796182df6ba Mon Sep 17 00:00:00 2001 From: Chien Kun Niu Date: Tue, 14 Mar 2023 17:03:50 +0800 Subject: [PATCH] usb: allow hal_usb_gadget_impl sysfs_batteryinfo permission Allow hal_usb_gadget_imple sysfs_batteryinfo r_dir_perms and rw_file_perms [ 8.237410] [ T379] type=1400 audit(1678784127.396:4): avc: denied { search } for comm="HwBinder:762_1" name="power_supply" dev="sysfs" ino=73783 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=1 [ 8.237556] [ T379] type=1400 audit(1678784127.396:5): avc: denied { read } for comm="HwBinder:762_1" name="usb_type" dev="sysfs" ino=73797 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1 [ 8.237584] [ T379] type=1400 audit(1678784127.396:6): avc: denied { open } for comm="HwBinder:762_1" path="/sys/devices/platform/10cb0000.hsi2c/i2c-8/8-0025/power_supply/usb/usb_type" dev="sysfs" ino=73797 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1 [ 8.237603] [ T379] type=1400 audit(1678784127.396:7): avc: denied { getattr } for comm="HwBinder:762_1" path="/sys/devices/platform/10cb0000.hsi2c/i2c-8/8-0025/power_supply/usb/usb_type" dev="sysfs" ino=73797 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1 Bug: 272166827 Test: Check avc denied log Change-Id: Iecbf6ff712924b60ce186b75a76cf25f3b48e72d --- vendor/hal_usb_gadget_impl.te | 3 +++ 1 file changed, 3 insertions(+) diff --git a/vendor/hal_usb_gadget_impl.te b/vendor/hal_usb_gadget_impl.te index 30041467..2b1494f2 100644 --- a/vendor/hal_usb_gadget_impl.te +++ b/vendor/hal_usb_gadget_impl.te @@ -15,3 +15,6 @@ allow hal_usb_gadget_impl proc_interrupts:file r_file_perms; # change irq to other cores allow hal_usb_gadget_impl proc_irq:dir r_dir_perms; allow hal_usb_gadget_impl proc_irq:file w_file_perms; + +allow hal_usb_gadget_impl sysfs_batteryinfo:dir r_dir_perms; +allow hal_usb_gadget_impl sysfs_batteryinfo:file rw_file_perms;