ac26d97317
Fix the following avc denial:
avc: denied { search } for name="17000000.aoc" dev="sysfs" ino=26962 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc:s0 tclass=dir permissive=1
avc: denied { write } for name="udfps_set_clock_source" dev="sysfs" ino=110484 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc:s0 tclass=file permissive=1
avc: denied { read } for name="udfps_get_disp_freq" dev="sysfs" ino=110486 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc:s0 tclass=file permissive=1
avc: denied { write } for name="udfps_set_clock_source" dev="sysfs" ino=109423 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc_udfps:s0 tclass=file permissive=0
Bug: 357976286
Test: Verify fingerprint HAL process can read/write to the sysfs node.
Flag: EXEMPT NDK
Change-Id: Ia8d6288812ef47dad2018d384f43374da7005a4a
71 lines
2.2 KiB
Text
71 lines
2.2 KiB
Text
# persist
|
|
type persist_uwb_file, file_type, vendor_persist_type;
|
|
type persist_ss_file, file_type, vendor_persist_type;
|
|
type persist_display_file, file_type, vendor_persist_type;
|
|
type persist_battery_file, file_type, vendor_persist_type;
|
|
type persist_camera_file, file_type, vendor_persist_type;
|
|
type persist_fingerprint_file, file_type, vendor_persist_type;
|
|
|
|
#sysfs
|
|
type sysfs_pca, sysfs_type, fs_type;
|
|
type bootdevice_sysdev, dev_type;
|
|
type sysfs_wifi, sysfs_type, fs_type;
|
|
type sysfs_camera, sysfs_type, fs_type;
|
|
type sysfs_power_dump, sysfs_type, fs_type;
|
|
type sysfs_acpm_stats, sysfs_type, fs_type;
|
|
type sysfs_write_leds, sysfs_type, fs_type;
|
|
type sysfs_fabric, sysfs_type, fs_type;
|
|
type sysfs_em_profile, sysfs_type, fs_type;
|
|
type sysfs_ospm, sysfs_type, fs_type;
|
|
type sysfs_lhbm, sysfs_type, fs_type;
|
|
type sysfs_aoc_udfps, sysfs_type, fs_type;
|
|
|
|
# debugfs
|
|
type vendor_regmap_debugfs, fs_type, debugfs_type;
|
|
type vendor_usb_debugfs, fs_type, debugfs_type;
|
|
type vendor_charger_debugfs, fs_type, debugfs_type;
|
|
type vendor_votable_debugfs, fs_type, debugfs_type;
|
|
type vendor_battery_debugfs, fs_type, debugfs_type;
|
|
type vendor_pm_genpd_debugfs, fs_type, debugfs_type;
|
|
type vendor_maxfg_debugfs, fs_type, debugfs_type;
|
|
|
|
# Data
|
|
type uwb_vendor_data_file, file_type, data_file_type, app_data_file_type;
|
|
type uwb_data_vendor, file_type, data_file_type;
|
|
type updated_wifi_firmware_data_file, file_type, data_file_type;
|
|
type vendor_misc_data_file, file_type, data_file_type;
|
|
type powerstats_vendor_data_file, file_type, data_file_type;
|
|
type chre_data_file, file_type, data_file_type;
|
|
type vendor_fingerprint_data_file, file_type, data_file_type;
|
|
|
|
# Storage Health HAL
|
|
type proc_f2fs, proc_type, fs_type;
|
|
|
|
# Vendor tools
|
|
type vendor_dumpsys, vendor_file_type, file_type;
|
|
|
|
# USB-C throttling stats
|
|
type sysfs_usbc_throttling_stats, sysfs_type, fs_type;
|
|
|
|
# Trusty
|
|
type sysfs_trusty, sysfs_type, fs_type;
|
|
|
|
# mount FS
|
|
allow bootdevice_sysdev sysfs:filesystem associate;
|
|
|
|
# WLC
|
|
type sysfs_wlc, sysfs_type, fs_type;
|
|
|
|
# CHRE
|
|
type chre_socket, file_type;
|
|
|
|
# BT
|
|
type vendor_bt_data_file, file_type, data_file_type;
|
|
|
|
# Vendor sched files
|
|
userdebug_or_eng(`
|
|
typeattribute proc_vendor_sched mlstrustedobject;
|
|
')
|
|
|
|
# GSA
|
|
type sysfs_gsa_log, sysfs_type, fs_type;
|