From 731a3272ad5c9b9087b0cca3b696b7b29aad55d1 Mon Sep 17 00:00:00 2001 From: Joel Galenson Date: Mon, 23 Apr 2018 15:50:25 -0700 Subject: [PATCH] Handle radio diag-related denials. This allows the behavior on userdebug and eng builds and hides it on user builds. Bug: 77908806 Test: Build policy. Change-Id: I0d858a94bb1bab6069107209494536a62019788f (cherry picked from commit e7e22f5e8270b78c14700a77232044224426f278) --- sepolicy/vendor/radio.te | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sepolicy/vendor/radio.te b/sepolicy/vendor/radio.te index 0cb6607b..6a07eeb9 100644 --- a/sepolicy/vendor/radio.te +++ b/sepolicy/vendor/radio.te @@ -27,8 +27,10 @@ binder_call(radio, hal_imsrtp) userdebug_or_eng(` allow radio diag_device:chr_file rw_file_perms; + r_dir_file(radio, sysfs_diag) ') dontaudit radio diag_device:chr_file rw_file_perms; +dontaudit radio sysfs_diag:dir search; # read /proc/cmdline allow radio proc_cmdline:file r_file_perms;