Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

hal_graphics_composer_default: fix sepolicy denials

Browse source 
Bug: 263184738
Bug: 264489746
Test: There is no AVC denied log after reboot
Change-Id: I3c5bbc55f0a676d8906ec061e3c999995d02dd3f
This commit is contained in:
Safayat Ullah 2023-01-31 13:53:13 +00:00
parent eea50ca2bc
commit 7ce9680b98
2 changed files with 5 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

11
tracking_denials/hal_graphics_composer_default.te
View file

@ -1,11 +0,0 @@
# b/263184738
dontaudit hal_graphics_composer_default vendor_hwc_log_file:dir { search };
dontaudit hal_graphics_composer_default vendor_hwc_log_file:file { append };
dontaudit hal_graphics_composer_default vendor_hwc_log_file:file { getattr };
dontaudit hal_graphics_composer_default vendor_hwc_log_file:file { open };
dontaudit hal_graphics_composer_default vendor_hwc_log_file:file { write };
dontaudit hal_graphics_composer_default vendor_log_file:dir { search };
# b/264489746
userdebug_or_eng(`
permissive hal_graphics_composer_default;
')

5
vendor/hal_graphics_composer_default.te vendored
View file

@ -38,3 +38,8 @@ add_service(hal_graphics_composer_default, vendor_surfaceflinger_vndservice)
# allow HWC to output to dumpstate via pipe fd
allow hal_graphics_composer_default hal_dumpstate_default:fifo_file { append write };
allow hal_graphics_composer_default hal_dumpstate_default:fd use;
# allow HWC to read/write/search hwc_log_file
allow hal_graphics_composer_default vendor_hwc_log_file:dir rw_dir_perms;
allow hal_graphics_composer_default vendor_hwc_log_file:file create_file_perms;
allow hal_graphics_composer_default vendor_log_file:dir search;