device_google_zumapro/radio/modem_diagnostic_app.te
mikeyuewang ed2820a221 Add the selinux policy for MDS to access modem_state file
avc deny:
2024-02-20 19:21:35.941 21780-21780 DiagnosticServi         com.google.mds                       I  type=1400 audit(0.0:1078): avc:  denied  { read } for  name="modem_state" dev="sysfs" ino=60939 scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 app=com.google.mds
2024-02-20 19:21:35.941 21780-21780 DiagnosticServi         com.google.mds                       I  type=1400 audit(0.0:1079): avc:  denied  { open } for  path="/sys/devices/platform/cpif/modem_state" dev="sysfs" ino=60939 scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 app=com.google.mds
2024-02-20 19:21:35.941 21780-21780 DiagnosticServi         com.google.mds                       I  type=1400 audit(0.0:1080): avc:  denied  { getattr } for  path="/sys/devices/platform/cpif/modem_state" dev="sysfs" ino=60939 scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 app=com.google.mds

Bug: 331202327

Change-Id: I49bd28e4ae3b311c7e4b98567b929d3b887e0238
2024-03-27 17:50:05 +00:00


# Domain type for the modem diagnostic app.
type modem_diagnostic_app, domain;

# Baseline app rules and network access. These sit outside the debug-only
# block, so they apply on every build variant.
app_domain(modem_diagnostic_app)
net_domain(modem_diagnostic_app)

# Service manager lookups, also granted on every build variant.
allow modem_diagnostic_app { app_api_service radio_service }:service_manager find;
userdebug_or_eng(`
# Debug-only grants: this block is compiled in on userdebug and eng builds only.
# NOTE(review): keep comments in this block free of quote characters because
# the whole block is a single m4 quoted argument.

# Binder IPC and HAL clients.
binder_use(modem_diagnostic_app)
binder_call(modem_diagnostic_app, rild)
binder_call(modem_diagnostic_app, dmd)
hal_client_domain(modem_diagnostic_app, hal_power_stats);
allow modem_diagnostic_app {
  hal_exynos_rild_hwservice
  hal_vendor_oem_hwservice
}:hwservice_manager find;

# Modem Log Mask Library Permissions
allow modem_diagnostic_app liboemservice_proxy_service:service_manager find;
binder_call(modem_diagnostic_app, liboemservice_proxy_default)

# Write access to modem-related vendor properties.
set_prop(modem_diagnostic_app, vendor_cbd_prop)
set_prop(modem_diagnostic_app, vendor_rild_prop)
set_prop(modem_diagnostic_app, vendor_modem_prop)

# Read-only sysfs nodes.
# NOTE(review): the first rule assumes /sys/devices/platform/cpif/modem_state is
# labeled sysfs_modem_state elsewhere (genfs_contexts) - TODO confirm. A node left
# with the generic sysfs label is not covered by it.
allow modem_diagnostic_app sysfs_modem_state:file r_file_perms;
allow modem_diagnostic_app sysfs_chosen:dir r_dir_perms;
allow modem_diagnostic_app sysfs_batteryinfo:dir search;
allow modem_diagnostic_app { sysfs_chosen sysfs_batteryinfo }:file r_file_perms;

# Read-only vendor and modem image content.
allow modem_diagnostic_app { mnt_vendor_file modem_img_file }:dir r_dir_perms;
allow modem_diagnostic_app { vendor_fw_file mnt_vendor_file modem_img_file }:file r_file_perms;
allow modem_diagnostic_app modem_img_file:lnk_file r_file_perms;

# Radio vendor data: the only file types in this block with create permissions.
allow modem_diagnostic_app radio_vendor_data_file:dir create_dir_perms;
allow modem_diagnostic_app radio_vendor_data_file:file create_file_perms;

# Silence audit records for reads of default_prop; the access itself stays denied.
# NOTE(review): this also hides denials that would point at an unlabeled property
# the app depends on - confirm the suppression is intended.
dontaudit modem_diagnostic_app default_prop:file r_file_perms;
')