371f678632
This reverts commit 66ba3214b8.
Reason for revert: fix breakage in next build with build-time flag in
selinux policy.
Fixed the following audit logs:
[ 285.983545] type=1400 audit(1724270284.724:31): avc: denied { read } for comm="android.hardwar" name="state" dev="sysfs" ino=85740 scontext=u:r:hal_usb_impl:s0 tcontext=u:object_r:sysfs_udc:s0 tclass=file permissive=0
Bug: 339241080
Test: tested on Shiba trunk_staging and next builds
Flag: build.RELEASE_USB_UDC_SYSFS_SELINUX_POLICY_ENABLED
Change-Id: Ie4979f408a5bca0bb9b9762048ab716ddeeb4d2f
31 lines
1 KiB
Text
31 lines
1 KiB
Text
type hal_usb_impl, domain;
|
|
|
|
type hal_usb_impl_exec, vendor_file_type, exec_type, file_type;
|
|
init_daemon_domain(hal_usb_impl)
|
|
hal_server_domain(hal_usb_impl, hal_usb)
|
|
hal_server_domain(hal_usb_impl, hal_usb_gadget)
|
|
|
|
allow hal_usb_impl sysfs_batteryinfo:dir r_dir_perms;
|
|
allow hal_usb_impl sysfs_batteryinfo:file rw_file_perms;
|
|
allow hal_usb_impl dumpstate:fd use;
|
|
get_prop(hal_usb_impl, vendor_usb_config_prop)
|
|
|
|
# Needed for monitoring usb port temperature
|
|
allow hal_usb_impl self:capability2 wake_alarm;
|
|
wakelock_use(hal_usb_impl);
|
|
|
|
# For interfacing with ThermalHAL
|
|
hal_client_domain(hal_usb_impl, hal_thermal);
|
|
|
|
# For monitoring usb sysfs attributes
|
|
allow hal_usb_impl sysfs_wakeup:dir search;
|
|
allow hal_usb_impl sysfs_wakeup:file r_file_perms;
|
|
is_flag_enabled(RELEASE_USB_UDC_SYSFS_SELINUX_POLICY_ENABLED, `
|
|
allow hal_usb_impl sysfs_udc:file r_file_perms;
|
|
')
|
|
|
|
# For metrics upload
|
|
allow hal_usb_impl fwk_stats_service:service_manager find;
|
|
|
|
# For reading the usb-c throttling stats
|
|
allow hal_usb_impl sysfs_usbc_throttling_stats:file r_file_perms;
|