From 02775432c278b212ad34c4f64d27622d9d64e52e Mon Sep 17 00:00:00 2001 From: neoyu Date: Mon, 27 Dec 2021 10:33:25 +0800 Subject: [PATCH] Fix SELinux errors for vendor_rcs_app avc: denied { call } for comm="nnon.rcsservice" scontext=u:r:vendor_rcs_app:s0:c193,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.shannon.rcsservice nnon.rcsservice: type=1400 audit(0.0:116): avc: denied { call } for scontext=u:r:vendor_rcs_app:s0:c193,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.shannon.rcsservice avc: denied { transfer } for scontext=u:r:vendor_rcs_app:s0:c193,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.shannon.rcsservice avc: denied { transfer } for comm="nnon.rcsservice" scontext=u:r:vendor_rcs_app:s0:c193,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.shannon.rcsservice Bug: 205904435 Test: manual Change-Id: Ia988e89ac3ccb543cefabfc289e446db09e01c2b --- tracking_denials/vendor_rcs_app.te | 5 ----- whitechapel_pro/vendor_rcs_app.te | 3 +++ 2 files changed, 3 insertions(+), 5 deletions(-) delete mode 100644 tracking_denials/vendor_rcs_app.te diff --git a/tracking_denials/vendor_rcs_app.te b/tracking_denials/vendor_rcs_app.te deleted file mode 100644 index 7c6042eb..00000000 --- a/tracking_denials/vendor_rcs_app.te +++ /dev/null @@ -1,5 +0,0 @@ -# b/205779581 -dontaudit vendor_rcs_app radio_service:service_manager { find }; -# b/205904435 -dontaudit vendor_rcs_app rild:binder { call }; -dontaudit vendor_rcs_app rild:binder { transfer }; diff --git a/whitechapel_pro/vendor_rcs_app.te b/whitechapel_pro/vendor_rcs_app.te index f3fe4f3d..b0a46284 100644 --- a/whitechapel_pro/vendor_rcs_app.te +++ b/whitechapel_pro/vendor_rcs_app.te @@ -2,4 +2,7 @@ type vendor_rcs_app, domain; app_domain(vendor_rcs_app) allow vendor_rcs_app app_api_service:service_manager find; +allow vendor_rcs_app radio_service:service_manager find; allow vendor_rcs_app hal_exynos_rild_hwservice:hwservice_manager find; + +binder_call(vendor_rcs_app, rild)