update error on ROM 9359906
Bug: 261105374 Bug: 261105238 Bug: 261105224 Bug: 261105182 Bug: 261105164 Bug: 261105029 Bug: 261105028 Bug: 261105152 Bug: 261105336 Bug: 261105354 Bug: 261105092 Bug: 261105356 Test: pts-tradefed run pts -m PtsSELinuxTest Change-Id: I66bbcedd4a0566f27561017bc7dcdca81a5ab67a
This commit is contained in:
Adam Shih
parent
f40edb1ad5
commit
6d88af1c59
12 changed files with 156 additions and 0 deletions
|
|
@ -1,2 +1,9 @@
|
|||
# b/260522279
|
||||
dontaudit bootanim system_data_file:dir { search };
|
||||
# b/261105374
|
||||
dontaudit bootanim default_android_service:service_manager { find };
|
||||
dontaudit bootanim vendor_file:file { execute };
|
||||
dontaudit bootanim vendor_file:file { getattr };
|
||||
dontaudit bootanim vendor_file:file { map };
|
||||
dontaudit bootanim vendor_file:file { open };
|
||||
dontaudit bootanim vendor_file:file { read };
|
||||
|
|
|
|||
2
tracking_denials/bootdevice_sysdev.te
Normal file
2
tracking_denials/bootdevice_sysdev.te
Normal file
|
|
@ -0,0 +1,2 @@
|
|||
# b/261105238
|
||||
dontaudit bootdevice_sysdev sysfs:filesystem { associate };
|
||||
|
|
@ -5,3 +5,11 @@ dontaudit chre aoc_device:chr_file { read write };
|
|||
dontaudit chre chre:capability2 { block_suspend };
|
||||
dontaudit chre device:dir { read };
|
||||
dontaudit chre device:dir { watch };
|
||||
# b/261105224
|
||||
dontaudit chre hal_system_suspend_service:service_manager { find };
|
||||
dontaudit chre servicemanager:binder { call };
|
||||
dontaudit chre sysfs_aoc:dir { search };
|
||||
dontaudit chre sysfs_aoc_boottime:file { getattr };
|
||||
dontaudit chre sysfs_aoc_boottime:file { open };
|
||||
dontaudit chre sysfs_aoc_boottime:file { read };
|
||||
dontaudit chre system_suspend_server:binder { call };
|
||||
|
|
|
|||
3
tracking_denials/hal_contexthub_default.te
Normal file
3
tracking_denials/hal_contexthub_default.te
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
# b/261105182
|
||||
dontaudit hal_contexthub_default chre:unix_stream_socket { connectto };
|
||||
dontaudit hal_contexthub_default chre_socket:sock_file { write };
|
||||
31
tracking_denials/hal_fingerprint_default.te
Normal file
31
tracking_denials/hal_fingerprint_default.te
Normal file
|
|
@ -0,0 +1,31 @@
|
|||
# b/261105164
|
||||
dontaudit hal_fingerprint_default block_device:dir { search };
|
||||
dontaudit hal_fingerprint_default dmabuf_system_heap_device:chr_file { ioctl };
|
||||
dontaudit hal_fingerprint_default dmabuf_system_heap_device:chr_file { open };
|
||||
dontaudit hal_fingerprint_default dmabuf_system_heap_device:chr_file { read };
|
||||
dontaudit hal_fingerprint_default fingerprint_device:chr_file { ioctl };
|
||||
dontaudit hal_fingerprint_default fingerprint_device:chr_file { open };
|
||||
dontaudit hal_fingerprint_default fingerprint_device:chr_file { read write };
|
||||
dontaudit hal_fingerprint_default fwk_stats_service:service_manager { find };
|
||||
dontaudit hal_fingerprint_default hal_fingerprint_default:netlink_socket { bind };
|
||||
dontaudit hal_fingerprint_default hal_fingerprint_default:netlink_socket { create };
|
||||
dontaudit hal_fingerprint_default hal_fingerprint_default:netlink_socket { read };
|
||||
dontaudit hal_fingerprint_default hal_fingerprint_default:netlink_socket { write };
|
||||
dontaudit hal_fingerprint_default hal_power_default:binder { call };
|
||||
dontaudit hal_fingerprint_default hal_power_service:service_manager { find };
|
||||
dontaudit hal_fingerprint_default mfg_data_block_device:blk_file { open };
|
||||
dontaudit hal_fingerprint_default mfg_data_block_device:blk_file { read write };
|
||||
dontaudit hal_fingerprint_default sysfs_chosen:dir { search };
|
||||
dontaudit hal_fingerprint_default sysfs_chosen:file { open };
|
||||
dontaudit hal_fingerprint_default sysfs_chosen:file { read };
|
||||
dontaudit hal_fingerprint_default sysfs_display:file { getattr };
|
||||
dontaudit hal_fingerprint_default sysfs_display:file { open };
|
||||
dontaudit hal_fingerprint_default sysfs_display:file { read };
|
||||
dontaudit hal_fingerprint_default tee_device:chr_file { ioctl };
|
||||
dontaudit hal_fingerprint_default tee_device:chr_file { open };
|
||||
dontaudit hal_fingerprint_default tee_device:chr_file { read write };
|
||||
dontaudit hal_fingerprint_default vendor_fingerprint_prop:file { getattr };
|
||||
dontaudit hal_fingerprint_default vendor_fingerprint_prop:file { map };
|
||||
dontaudit hal_fingerprint_default vendor_fingerprint_prop:file { open };
|
||||
dontaudit hal_fingerprint_default vendor_fingerprint_prop:file { read };
|
||||
dontaudit hal_fingerprint_default vendor_fingerprint_prop:property_service { set };
|
||||
|
|
@ -14,3 +14,41 @@ dontaudit hal_graphics_composer_default sysfs_leds:file { getattr };
|
|||
dontaudit hal_graphics_composer_default sysfs_leds:file { open };
|
||||
dontaudit hal_graphics_composer_default sysfs_leds:file { read };
|
||||
dontaudit hal_graphics_composer_default vndbinder_device:chr_file { ioctl };
|
||||
# b/261105029
|
||||
dontaudit hal_graphics_composer_default boot_status_prop:file { getattr };
|
||||
dontaudit hal_graphics_composer_default boot_status_prop:file { map };
|
||||
dontaudit hal_graphics_composer_default boot_status_prop:file { open };
|
||||
dontaudit hal_graphics_composer_default boot_status_prop:file { read };
|
||||
dontaudit hal_graphics_composer_default device_config_surface_flinger_native_boot_prop:file { getattr };
|
||||
dontaudit hal_graphics_composer_default device_config_surface_flinger_native_boot_prop:file { map };
|
||||
dontaudit hal_graphics_composer_default device_config_surface_flinger_native_boot_prop:file { open };
|
||||
dontaudit hal_graphics_composer_default device_config_surface_flinger_native_boot_prop:file { read };
|
||||
dontaudit hal_graphics_composer_default hal_graphics_composer_default:netlink_kobject_uevent_socket { bind };
|
||||
dontaudit hal_graphics_composer_default hal_graphics_composer_default:netlink_kobject_uevent_socket { create };
|
||||
dontaudit hal_graphics_composer_default hal_pixel_display_service:service_manager { add };
|
||||
dontaudit hal_graphics_composer_default hal_power_service:service_manager { find };
|
||||
dontaudit hal_graphics_composer_default mnt_vendor_file:dir { search };
|
||||
dontaudit hal_graphics_composer_default persist_display_file:dir { search };
|
||||
dontaudit hal_graphics_composer_default persist_display_file:file { getattr };
|
||||
dontaudit hal_graphics_composer_default persist_display_file:file { open };
|
||||
dontaudit hal_graphics_composer_default persist_display_file:file { read };
|
||||
dontaudit hal_graphics_composer_default persist_file:dir { search };
|
||||
dontaudit hal_graphics_composer_default sysfs_display:file { getattr };
|
||||
dontaudit hal_graphics_composer_default sysfs_display:file { open };
|
||||
dontaudit hal_graphics_composer_default sysfs_display:file { read };
|
||||
dontaudit hal_graphics_composer_default sysfs_display:file { write };
|
||||
dontaudit hal_graphics_composer_default sysfs_leds:file { write };
|
||||
dontaudit hal_graphics_composer_default vendor_display_prop:file { getattr };
|
||||
dontaudit hal_graphics_composer_default vendor_display_prop:file { map };
|
||||
dontaudit hal_graphics_composer_default vendor_display_prop:file { open };
|
||||
dontaudit hal_graphics_composer_default vendor_display_prop:file { read };
|
||||
dontaudit hal_graphics_composer_default vendor_displaycolor_service:service_manager { add };
|
||||
dontaudit hal_graphics_composer_default vendor_displaycolor_service:service_manager { find };
|
||||
dontaudit hal_graphics_composer_default vendor_surfaceflinger_vndservice:service_manager { add };
|
||||
dontaudit hal_graphics_composer_default vendor_surfaceflinger_vndservice:service_manager { find };
|
||||
dontaudit hal_graphics_composer_default vndbinder_device:chr_file { map };
|
||||
dontaudit hal_graphics_composer_default vndbinder_device:chr_file { open };
|
||||
dontaudit hal_graphics_composer_default vndbinder_device:chr_file { read };
|
||||
dontaudit hal_graphics_composer_default vndbinder_device:chr_file { write };
|
||||
dontaudit hal_graphics_composer_default vndservicemanager:binder { call };
|
||||
dontaudit hal_graphics_composer_default vndservicemanager:binder { transfer };
|
||||
|
|
|
|||
|
|
@ -10,3 +10,5 @@ dontaudit hal_power_default sysfs_fabric:file { write };
|
|||
dontaudit hal_power_default vendor_camera_prop:property_service { set };
|
||||
# b/260769063
|
||||
dontaudit hal_power_default hal_graphics_composer_default:binder { transfer };
|
||||
# b/261105028
|
||||
dontaudit hal_power_default hal_fingerprint_default:binder { transfer };
|
||||
|
|
|
|||
|
|
@ -24,3 +24,8 @@ dontaudit hal_power_stats_default sysfs_iio_devices:dir { search };
|
|||
dontaudit hal_power_stats_default sysfs_leds:dir { search };
|
||||
dontaudit hal_power_stats_default sysfs_leds:file { open };
|
||||
dontaudit hal_power_stats_default sysfs_leds:file { read };
|
||||
# b/261105152
|
||||
dontaudit hal_power_stats_default sysfs_aoc:dir { search };
|
||||
dontaudit hal_power_stats_default sysfs_aoc:file { getattr };
|
||||
dontaudit hal_power_stats_default sysfs_aoc:file { open };
|
||||
dontaudit hal_power_stats_default sysfs_aoc:file { read };
|
||||
|
|
|
|||
48
tracking_denials/hal_sensors_default.te
Normal file
48
tracking_denials/hal_sensors_default.te
Normal file
|
|
@ -0,0 +1,48 @@
|
|||
# b/261105336
|
||||
dontaudit hal_sensors_default aoc_device:chr_file { getattr };
|
||||
dontaudit hal_sensors_default aoc_device:chr_file { open };
|
||||
dontaudit hal_sensors_default aoc_device:chr_file { read write };
|
||||
dontaudit hal_sensors_default chre:unix_stream_socket { connectto };
|
||||
dontaudit hal_sensors_default chre_socket:sock_file { write };
|
||||
dontaudit hal_sensors_default device:dir { open };
|
||||
dontaudit hal_sensors_default device:dir { read };
|
||||
dontaudit hal_sensors_default device:dir { watch };
|
||||
dontaudit hal_sensors_default fwk_stats_service:service_manager { find };
|
||||
dontaudit hal_sensors_default hal_graphics_composer_default:binder { call };
|
||||
dontaudit hal_sensors_default hal_pixel_display_service:service_manager { find };
|
||||
dontaudit hal_sensors_default mnt_vendor_file:dir { search };
|
||||
dontaudit hal_sensors_default persist_file:dir { search };
|
||||
dontaudit hal_sensors_default persist_sensor_reg_file:dir { getattr };
|
||||
dontaudit hal_sensors_default persist_sensor_reg_file:dir { open };
|
||||
dontaudit hal_sensors_default persist_sensor_reg_file:dir { read };
|
||||
dontaudit hal_sensors_default persist_sensor_reg_file:dir { search };
|
||||
dontaudit hal_sensors_default persist_sensor_reg_file:file { getattr };
|
||||
dontaudit hal_sensors_default persist_sensor_reg_file:file { open };
|
||||
dontaudit hal_sensors_default persist_sensor_reg_file:file { read };
|
||||
dontaudit hal_sensors_default sensor_reg_data_file:dir { getattr };
|
||||
dontaudit hal_sensors_default sensor_reg_data_file:dir { open };
|
||||
dontaudit hal_sensors_default sensor_reg_data_file:dir { read };
|
||||
dontaudit hal_sensors_default sensor_reg_data_file:dir { search };
|
||||
dontaudit hal_sensors_default sensor_reg_data_file:file { getattr };
|
||||
dontaudit hal_sensors_default sensor_reg_data_file:file { open };
|
||||
dontaudit hal_sensors_default sensor_reg_data_file:file { read };
|
||||
dontaudit hal_sensors_default sysfs_aoc:dir { search };
|
||||
dontaudit hal_sensors_default sysfs_aoc_boottime:file { getattr };
|
||||
dontaudit hal_sensors_default sysfs_aoc_boottime:file { open };
|
||||
dontaudit hal_sensors_default sysfs_aoc_boottime:file { read };
|
||||
dontaudit hal_sensors_default sysfs_chosen:dir { search };
|
||||
dontaudit hal_sensors_default sysfs_chosen:file { open };
|
||||
dontaudit hal_sensors_default sysfs_chosen:file { read };
|
||||
dontaudit hal_sensors_default sysfs_display:file { getattr };
|
||||
dontaudit hal_sensors_default sysfs_display:file { open };
|
||||
dontaudit hal_sensors_default sysfs_display:file { read };
|
||||
dontaudit hal_sensors_default sysfs_leds:dir { search };
|
||||
dontaudit hal_sensors_default sysfs_leds:file { open };
|
||||
dontaudit hal_sensors_default sysfs_leds:file { read };
|
||||
dontaudit hal_sensors_default sysfs_write_leds:file { open };
|
||||
dontaudit hal_sensors_default sysfs_write_leds:file { write };
|
||||
dontaudit hal_sensors_default system_server:binder { call };
|
||||
dontaudit hal_sensors_default vendor_dynamic_sensor_prop:file { getattr };
|
||||
dontaudit hal_sensors_default vendor_dynamic_sensor_prop:file { map };
|
||||
dontaudit hal_sensors_default vendor_dynamic_sensor_prop:file { open };
|
||||
dontaudit hal_sensors_default vendor_dynamic_sensor_prop:file { read };
|
||||
3
tracking_denials/logd.te
Normal file
3
tracking_denials/logd.te
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
# b/261105354
|
||||
dontaudit logd trusty_log_device:chr_file { open };
|
||||
dontaudit logd trusty_log_device:chr_file { read };
|
||||
7
tracking_denials/surfaceflinger.te
Normal file
7
tracking_denials/surfaceflinger.te
Normal file
|
|
@ -0,0 +1,7 @@
|
|||
# b/261105092
|
||||
dontaudit surfaceflinger default_android_service:service_manager { find };
|
||||
dontaudit surfaceflinger vendor_file:file { execute };
|
||||
dontaudit surfaceflinger vendor_file:file { getattr };
|
||||
dontaudit surfaceflinger vendor_file:file { map };
|
||||
dontaudit surfaceflinger vendor_file:file { open };
|
||||
dontaudit surfaceflinger vendor_file:file { read };
|
||||
|
|
@ -9,3 +9,5 @@ dontaudit system_suspend_server sysfs_aoc:dir { read };
|
|||
dontaudit system_suspend_server sysfs_aoc:file { getattr };
|
||||
dontaudit system_suspend_server sysfs_aoc:file { open };
|
||||
dontaudit system_suspend_server sysfs_aoc:file { read };
|
||||
# b/261105356
|
||||
dontaudit system_suspend_server chre:binder { transfer };
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue