mirror of
https://github.com/Evolution-X-Devices/device_google_wahoo
synced 2026-02-01 15:09:54 +00:00
Adding allow rules and bug_map entries to clean up boot on taimen
Allow rule denials:
denied { ioctl } for pid=863 comm="rild"
path="/vendor/radio/qcril_database/qcril.db" dev="dm-1" ino=900
ioctlcmd=f50c scontext=u:r:rild:s0 tcontext=u:object_r:vendor_file:s0
tclass=file
denied { read } for pid=1609 comm="batterystats-wo" name="show_stat"
dev="sysfs" ino=37781 scontext=u:r:system_server:s0
tcontext=u:object_r:sysfs:s0 tclass=file
denied { search } for pid=1609 comm="system_server"
name="800f000.qcom,spmi" dev="sysfs" ino=19648
scontext=u:r:system_server:s0 tcontext=u:object_r:sysfs_msm_subsys:s0
tclass=dir
bug_map denial entries:
denied { create } for pid=751 comm="main" name="tasks"
scontext=u:r:zygote:s0 tcontext=u:object_r:cgroup:s0 tclass=fil
denied { getattr } for pid=1609 comm="system_server"
path="/vendor/framework" dev="dm-1" ino=291
scontext=u:r:system_server:s0
tcontext=u:object_r:vendor_framework_file:s0 tclass=dir
Test: denials either don't show up or are properly tagged with a bug
number
Change-Id: Ibf841033ac5480ddb975772840680011cb331a7d
Merged-In: Ibf841033ac5480ddb975772840680011cb331a7d
(cherry picked from commit 53146f8cc0)
This commit is contained in:
Max Bires
committed by
Jeffrey Vander Stoep
Jeffrey Vander Stoep
parent
c2283035e2
commit
bf29a6610c
2
sepolicy/vendor/bug_map
vendored
Normal file
2
sepolicy/vendor/bug_map
vendored
Normal file
@@ -0,0 +1,2 @@
|
||||
system_server vendor_framework_file dir 67860706
|
||||
zygote cgroup file 67860826
|
||||
1
sepolicy/vendor/genfs_contexts
vendored
1
sepolicy/vendor/genfs_contexts
vendored
@@ -59,6 +59,7 @@ genfscon sysfs /bus/msm_subsys u:object
|
||||
genfscon sysfs /module/subsystem_restart u:object_r:sysfs_msm_subsys_restart:s0
|
||||
genfscon sysfs /kernel/boot_adsp/boot u:object_r:sysfs_msm_subsys:s0
|
||||
genfscon sysfs /kernel/boot_slpi/boot u:object_r:sysfs_msm_subsys:s0
|
||||
genfscon sysfs /kernel/memory_state_time u:object_r:sysfs_power:s0
|
||||
genfscon sysfs /devices/soc/c1b7000.i2c/i2c-9/9-0008 u:object_r:sysfs_easel:s0
|
||||
genfscon sysfs /class/typec u:object_r:sysfs_usb_c:s0
|
||||
genfscon sysfs /class/typec/usbc0 u:object_r:sysfs_usb_c:s0
|
||||
|
||||
2
sepolicy/vendor/rild.te
vendored
2
sepolicy/vendor/rild.te
vendored
@@ -8,7 +8,7 @@ allow rild qmuxd_socket:sock_file create_file_perms;
|
||||
allow rild netmgrd_socket:dir search;
|
||||
unix_socket_connect(rild, netmgrd, netmgrd)
|
||||
|
||||
allow rild vendor_file:file { execute_no_trans lock };
|
||||
allow rild vendor_file:file { execute_no_trans lock ioctl };
|
||||
|
||||
allow rild per_mgr_service:service_manager find;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user