From 2e41f0e3f09f8f7caedca37454d18fe0e8dd9891 Mon Sep 17 00:00:00 2001 From: Joel Galenson Date: Tue, 24 Apr 2018 10:17:17 -0700 Subject: [PATCH] Allow access to sysfs_timestamp_switch. We've seen these processes trying to access this file, so allow it. Note that this is likely why they needed the sysfs_diag permission we granted earlier. Bug: 77908806 Test: Build Change-Id: I60a2dae5a0635156070397242f13695678f1d00e --- sepolicy/vendor/hal_gnss_qti.te | 1 + sepolicy/vendor/qti.te | 1 + sepolicy/vendor/radio.te | 1 + 3 files changed, 3 insertions(+) diff --git a/sepolicy/vendor/hal_gnss_qti.te b/sepolicy/vendor/hal_gnss_qti.te index 2264399b..2729a96f 100644 --- a/sepolicy/vendor/hal_gnss_qti.te +++ b/sepolicy/vendor/hal_gnss_qti.te @@ -33,6 +33,7 @@ allow hal_gnss_qti self:netlink_route_socket { bind create nlmsg_read read write userdebug_or_eng(` allow hal_gnss_qti diag_device:chr_file rw_file_perms; r_dir_file(hal_gnss_qti, sysfs_diag) + allow hal_gnss_qti sysfs_timestamp_switch:file r_file_perms; ') dontaudit hal_gnss_qti diag_device:chr_file rw_file_perms; dontaudit hal_gnss_qti sysfs_diag:dir search; diff --git a/sepolicy/vendor/qti.te b/sepolicy/vendor/qti.te index be32d8c1..175db919 100644 --- a/sepolicy/vendor/qti.te +++ b/sepolicy/vendor/qti.te @@ -18,6 +18,7 @@ r_dir_file(qti, sysfs_msm_subsys) userdebug_or_eng(` allow qti diag_device:chr_file rw_file_perms; r_dir_file(qti, sysfs_diag) + allow qti sysfs_timestamp_switch:file r_file_perms; ') dontaudit qti diag_device:chr_file rw_file_perms; dontaudit qti sysfs_diag:dir search; diff --git a/sepolicy/vendor/radio.te b/sepolicy/vendor/radio.te index f45643da..162251f3 100644 --- a/sepolicy/vendor/radio.te +++ b/sepolicy/vendor/radio.te @@ -28,6 +28,7 @@ binder_call(radio, hal_imsrtp) userdebug_or_eng(` allow radio diag_device:chr_file rw_file_perms; r_dir_file(radio, sysfs_diag) + allow radio sysfs_timestamp_switch:file r_file_perms; ') dontaudit radio diag_device:chr_file rw_file_perms; dontaudit radio sysfs_diag:dir search;