Allow regmap debugfs for drivers probed by insmod
auditd : type=1400 audit(0.0:731): avc: denied { search } for
comm="modprobe" name="regmap" dev="debugfs" ino=2057
scontext=u:r:insmod-sh:s0 tcontext=u:object_r:vendor_regmap_debugfs:s0
tclass=dir permissive=1 bug=b/274727542
vendor_kernel_boot and vendor_dlkm modules probe by insmod need this.
Move regmap debugfs from legacy/whitechapel_pro/ to vendor/.
Bug: 274727542
Bug: 289012421
Bug: 285343932
Test: ls -d /sys/kernel/debug/regmap/*-0043
Change-Id: I1db7a5a3413467b4e14954d994b071b206fe0300
This commit is contained in:
Tai Kuo
parent
c9a5c03e84
commit
a3abd5ad39
6 changed files with 7 additions and 7 deletions
|
|
@ -12,9 +12,6 @@ type sysfs_bcmdhd, sysfs_type, fs_type;
|
|||
type sysfs_chargelevel, sysfs_type, fs_type;
|
||||
type sysfs_camera, sysfs_type, fs_type;
|
||||
|
||||
# debugfs
|
||||
type vendor_regmap_debugfs, fs_type, debugfs_type;
|
||||
|
||||
# persist
|
||||
type persist_ss_file, file_type, vendor_persist_type;
|
||||
|
||||
|
|
|
|||
|
|
@ -30,9 +30,6 @@ genfscon sysfs /devices/platform/wlan/sscoredump/sscd_wlan/report_count
|
|||
genfscon proc /fs/f2fs u:object_r:proc_f2fs:s0
|
||||
genfscon proc /sys/vm/swappiness u:object_r:proc_dirty:s0
|
||||
|
||||
# debugfs
|
||||
genfscon debugfs /regmap u:object_r:vendor_regmap_debugfs:s0
|
||||
|
||||
# Haptics
|
||||
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/i2c-cs40l26a u:object_r:sysfs_vibrator:s0
|
||||
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-6/i2c-cs40l26a u:object_r:sysfs_vibrator:s0
|
||||
|
|
|
|||
|
|
@ -20,7 +20,6 @@ hal_uwb_default debugfs file b/279680213
|
|||
incidentd apex_art_data_file file b/272628762
|
||||
incidentd incidentd anon_inode b/274374992
|
||||
insmod-sh insmod-sh key b/274374722
|
||||
insmod-sh vendor_regmap_debugfs dir b/274727542
|
||||
kernel vendor_fw_file dir b/272166737
|
||||
kernel vendor_fw_file dir b/272166787
|
||||
mtectrl unlabeled dir b/264483752
|
||||
|
|
|
|||
3
vendor/file.te
vendored
3
vendor/file.te
vendored
|
|
@ -4,6 +4,9 @@ type persist_uwb_file, file_type, vendor_persist_type;
|
|||
#sysfs
|
||||
type sysfs_pca, sysfs_type, fs_type;
|
||||
|
||||
# debugfs
|
||||
type vendor_regmap_debugfs, fs_type, debugfs_type;
|
||||
|
||||
# Data
|
||||
type uwb_vendor_data_file, file_type, data_file_type, app_data_file_type;
|
||||
type uwb_data_vendor, file_type, data_file_type;
|
||||
|
|
|
|||
3
vendor/genfs_contexts
vendored
3
vendor/genfs_contexts
vendored
|
|
@ -3,5 +3,8 @@ genfscon sysfs /devices/platform/google,charger
|
|||
genfscon sysfs /devices/platform/10c90000.hsi2c/i2c-9/9-006e/chg_stats u:object_r:sysfs_pca:s0
|
||||
genfscon sysfs /devices/platform/10ca0000.hsi2c/i2c-10/10-006e/chg_stats u:object_r:sysfs_pca:s0
|
||||
|
||||
# debugfs
|
||||
genfscon debugfs /regmap u:object_r:vendor_regmap_debugfs:s0
|
||||
|
||||
# Haptics
|
||||
genfscon sysfs /devices/platform/10c90000.hsi2c/i2c-9/9-0043 u:object_r:sysfs_vibrator:s0
|
||||
|
|
|
|||
1
vendor/insmod-sh.te
vendored
Normal file
1
vendor/insmod-sh.te
vendored
Normal file
|
|
@ -0,0 +1 @@
|
|||
allow insmod-sh vendor_regmap_debugfs:dir search;
|
||||
Loading…
Add table
Add a link
Reference in a new issue