Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

set necessary domains to permissive

Browse source 
Bug: 254378739
Test: enforce and boot to home
Change-Id: I1dc8f400971e0926dbb2c5c0ac6f0ef99250e067
This commit is contained in:
Adam Shih 2023-01-03 13:40:18 +08:00
parent bd992ad2b4
commit 97748d82a9
7 changed files with 94 additions and 51 deletions
Download patch file Download diff file Expand all files Collapse all files

1
private/mediaprovider_app.te
View file

@ -3,3 +3,4 @@ dontaudit mediaprovider_app vendor_file:file { getattr };
dontaudit mediaprovider_app vendor_file:file { map }; dontaudit mediaprovider_app vendor_file:file { map };
dontaudit mediaprovider_app vendor_file:file { open }; dontaudit mediaprovider_app vendor_file:file { open };
dontaudit mediaprovider_app vendor_file:file { read }; dontaudit mediaprovider_app vendor_file:file { read };
permissive mediaprovider_app;

5
private/odrefresh.te
View file

@ -1 +1,4 @@
dontaudit odrefresh property_type:file *; userdebug_or_eng(`
permissive odrefresh;
dontaudit odrefresh property_type:file *;
')

3
private/system_suspend.te Normal file
View file

@ -0,0 +1,3 @@
userdebug_or_eng(`
permissive system_suspend;
')

2
tracking_denials/bootdevice_sysdev.te
View file

@ -1,2 +0,0 @@
# b/261105238
dontaudit bootdevice_sysdev sysfs:filesystem { associate };

128
tracking_denials/permissive.te
View file

@ -1,48 +1,84 @@
userdebug_or_eng(` userdebug_or_eng(`
permissive pixelstats_vendor; permissive audioserver;
permissive logger_app; permissive bootanim;
permissive fastbootd; permissive bootdevice_sysdev;
permissive audioserver; permissive charger_vendor;
permissive hal_bluetooth_btlinux; permissive chre;
permissive bootdevice_sysdev; permissive citadeld;
permissive charger_vendor; permissive con_monitor_app;
permissive chre; permissive dumpstate;
permissive kernel; permissive edgetpu_logging;
permissive bootanim; permissive euiccpixel_app;
permissive hal_graphics_allocator_default; permissive fastbootd;
permissive hal_graphics_composer_default; permissive gmscore_app;
permissive hal_health_storage_default; permissive google_camera_app;
permissive hal_power_stats_default; permissive gxp_logging;
permissive hal_fingerprint_default; permissive hal_bluetooth_btlinux;
permissive gxp_logging; permissive hal_bootctl_default;
permissive hal_contexthub_default; permissive hal_camera_default;
permissive hal_sensors_default; permissive hal_confirmationui_default;
permissive recovery; permissive hal_contexthub_default;
permissive con_monitor_app; permissive hal_dumpstate_default;
permissive hal_secure_element_st54spi; permissive hal_fingerprint_default;
permissive ofl_app; permissive hal_graphics_allocator_default;
permissive hal_thermal_default; permissive hal_graphics_composer_default;
permissive hal_secure_element_uicc; permissive hal_health_storage_default;
permissive hal_usb_gadget_impl; permissive hal_neuralnetworks_armnn;
permissive hal_usb_impl; permissive hal_neuralnetworks_darwinn;
permissive hal_camera_default; permissive hal_power_default;
permissive hal_uwb_vendor_default; permissive hal_power_stats_default;
permissive google_camera_app; permissive hal_secure_element_st54spi;
permissive uwb_vendor_app; permissive hal_secure_element_uicc;
permissive hal_wifi_ext; permissive hal_sensors_default;
permissive hal_wlc; permissive hal_thermal_default;
permissive init; permissive hal_usb_gadget_impl;
permissive logd; permissive hal_usb_impl;
permissive mediacodec_google; permissive hal_uwb_default;
permissive mediacodec_samsung; permissive hal_uwb_vendor_default;
permissive platform_app; permissive hal_vibrator_default;
permissive hbmsvmanager_app; permissive hal_wifi_ext;
permissive rlsservice; permissive hal_wireless_charger;
permissive system_server; permissive hal_wlc;
permissive tcpdump_logger; permissive hbmsvmanager_app;
permissive vendor_init; permissive hwservicemanager;
permissive tee; permissive incidentd;
permissive trusty_apploader; permissive init;
permissive trusty_metricsd; permissive insmod-sh;
permissive vold; permissive installd;
permissive isolated_app;
permissive kernel;
permissive logd;
permissive logger_app;
permissive mediacodec_google;
permissive mediacodec_samsung;
permissive mediaserver;
permissive mediaswcodec;
permissive nfc;
permissive ofl_app;
permissive pixelstats_vendor;
permissive platform_app;
permissive priv_app;
permissive proc_vendor_sched;
permissive rebalance_interrupts_vendor;
permissive recovery;
permissive rild;
permissive rlsservice;
permissive secure_element;
permissive servicemanager;
permissive shell;
permissive ssr_detector_app;
permissive system_app;
permissive system_server;
permissive tcpdump_logger;
permissive tee;
permissive toolbox;
permissive trusty_apploader;
permissive trusty_metricsd;
permissive untrusted_app;
permissive untrusted_app_30;
permissive usbd;
permissive uwb_vendor_app;
permissive vendor_init;
permissive vold;
permissive zygote;
') ')

2
tracking_denials/proc_vendor_sched.te
View file

@ -1,2 +0,0 @@
# b/260366398
dontaudit proc_vendor_sched proc:filesystem { associate };

4
vendor/file.te vendored
View file

@ -8,3 +8,7 @@ type sysfs_mfc, sysfs_type, fs_type;
# Trusty # Trusty
type sysfs_trusty, sysfs_type, fs_type; type sysfs_trusty, sysfs_type, fs_type;
# mount FS
allow proc_vendor_sched proc:filesystem associate;
allow bootdevice_sysdev sysfs:filesystem associate;