From ca38bc851d51a5046629d4d5863e51f93edeaaa1 Mon Sep 17 00:00:00 2001 From: Ecco Park Date: Fri, 16 Jun 2017 10:53:31 -0700 Subject: [PATCH] wifi: add the read permission for /proc/ath_pktlog/cld Error: type=1400 audit(1497566325.222:1870): avc: denied { read } for pid=963 comm="cnss_diag" name="cld" dev="proc" ino=4026533982 scontext=u:r:wcnss_service:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=0 Bug: 36823983 Change-Id: Ie231bedccfc75d020e7a467d9b87b0e44e46fad2 Signed-off-by: Ecco Park --- sepolicy/vendor/genfs_contexts | 1 + sepolicy/vendor/wcnss_service.te | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/sepolicy/vendor/genfs_contexts b/sepolicy/vendor/genfs_contexts index dd82cc3c..3fe84319 100644 --- a/sepolicy/vendor/genfs_contexts +++ b/sepolicy/vendor/genfs_contexts @@ -1,5 +1,6 @@ genfscon proc /debug/fwdump u:object_r:proc_wifi_dbg:s0 genfscon proc /debugdriver/driverdump u:object_r:proc_wifi_dbg:s0 +genfscon proc /ath_pktlog/cld u:object_r:proc_wifi_dbg:s0 genfscon sysfs /devices/soc/soc:qcom,cpubw u:object_r:sysfs_msm_subsys:s0 genfscon sysfs /devices/soc/soc:qcom,mincpubw u:object_r:sysfs_msm_subsys:s0 diff --git a/sepolicy/vendor/wcnss_service.te b/sepolicy/vendor/wcnss_service.te index 8f4a8d74..6814c239 100644 --- a/sepolicy/vendor/wcnss_service.te +++ b/sepolicy/vendor/wcnss_service.te @@ -30,6 +30,10 @@ allow wcnss_service cnss_vendor_data_file:file create_file_perms; allow wcnss_service proc_net:file getattr; r_dir_file(wcnss_service, sysfs_msm_subsys) +# pkt logging for cnss_diag +userdebug_or_eng(` + r_dir_file(wcnss_service, proc_wifi_dbg) +') allow wcnss_service sysfs_soc:dir search; allow wcnss_service sysfs_soc:file r_file_perms;