Add the selinux policy for MDS to access modem_state file
avc deny:
2024-02-20 19:21:35.941 21780-21780 DiagnosticServi com.google.mds I type=1400 audit(0.0:1078): avc: denied { read } for name="modem_state" dev="sysfs" ino=60939 scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 app=com.google.mds
2024-02-20 19:21:35.941 21780-21780 DiagnosticServi com.google.mds I type=1400 audit(0.0:1079): avc: denied { open } for path="/sys/devices/platform/cpif/modem_state" dev="sysfs" ino=60939 scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 app=com.google.mds
2024-02-20 19:21:35.941 21780-21780 DiagnosticServi com.google.mds I type=1400 audit(0.0:1080): avc: denied { getattr } for path="/sys/devices/platform/cpif/modem_state" dev="sysfs" ino=60939 scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 app=com.google.mds
Bug: 331202327
Change-Id: I49bd28e4ae3b311c7e4b98567b929d3b887e0238
This commit is contained in:
mikeyuewang
Mike Wang
parent
31edc2fa71
commit
ed2820a221
1 changed files with 2 additions and 0 deletions
|
|
@ -7,6 +7,8 @@ allow modem_diagnostic_app app_api_service:service_manager find;
|
||||||
allow modem_diagnostic_app radio_service:service_manager find;
|
allow modem_diagnostic_app radio_service:service_manager find;
|
||||||
|
|
||||||
userdebug_or_eng(`
|
userdebug_or_eng(`
|
||||||
|
allow modem_diagnostic_app sysfs_modem_state:file r_file_perms;
|
||||||
|
|
||||||
hal_client_domain(modem_diagnostic_app, hal_power_stats);
|
hal_client_domain(modem_diagnostic_app, hal_power_stats);
|
||||||
|
|
||||||
allow modem_diagnostic_app hal_exynos_rild_hwservice:hwservice_manager find;
|
allow modem_diagnostic_app hal_exynos_rild_hwservice:hwservice_manager find;
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue