From 56078dad4484836059a00510522480acf242cc81 Mon Sep 17 00:00:00 2001 From: Steven Moreland Date: Tue, 20 Aug 2019 12:42:03 -0700 Subject: [PATCH] Don't audit hwservice add -> find. Since an additional check related to getting the transport of a service before registering it is more visible (this is moving a VTS test failure to boot time for more visibility). When adding a 'find' check on the 'add' path, this triggered some logs here. 'find' has always been given with 'add' for other services, but for a dontaudit, find has to be manually added. Bug: 139274536 Test: TH Change-Id: Ica4266dfaf17acc8c7bc8bd83054aa02811a4a37 --- sepolicy/vendor/hal_nfc_default.te | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sepolicy/vendor/hal_nfc_default.te b/sepolicy/vendor/hal_nfc_default.te index 7ecc5dd9..f75187b1 100644 --- a/sepolicy/vendor/hal_nfc_default.te +++ b/sepolicy/vendor/hal_nfc_default.te @@ -3,5 +3,5 @@ allow hal_nfc_default nfc_vendor_data_file:dir create_dir_perms; allow hal_nfc_default nfc_vendor_data_file:file create_file_perms; dontaudit hal_nfc_default nxpese_hwservice:hwservice_manager find; -dontaudit hal_nfc_default nxpnfc_hwservice:hwservice_manager add; +dontaudit hal_nfc_default nxpnfc_hwservice:hwservice_manager { find add }; dontaudit hal_nfc_default vendor_nfc_prop:file read;