device_google_wahoo/sepolicy/system_app.te
Max Bires 26fe3e3a66 Adding service_context's and allows to handle the following denials
denied  { add } for service=rcs pid=3849 uid=1001 scontext=u:r:radio:s0
tcontext=u:object_r:default_android_service:s0 tclass=service_manager

denied  { add } for service=qti.ims.ext pid=5885 uid=1001
scontext=u:r:radio:s0 tcontext=u:object_r:default_android_service:s0
tclass=service_manager

denied  { add } for service=cneservice pid=3134 uid=1000
scontext=u:r:system_app:s0
tcontext=u:object_r:default_android_service:s0 tclass=service_manager

denied  { find } for service=permission pid=839 uid=0
scontext=u:r:folio_daemon:s0 tcontext=u:object_r:permission_service:s0
tclass=service_manager

denied  { find } for service=sensorservice pid=839 uid=0
scontext=u:r:folio_daemon:s0
tcontext=u:object_r:sensorservice_service:s0 tclass=service_manager

denied  { add } for
service=com.fingerprints.extension.IFingerprintNavigation pid=847
uid=1000 scontext=u:r:hal_fingerprint_default:s0
tcontext=u:object_r:default_android_service:s0 tclass=service_manager

denied { set } for property=radio.traffic.stats.tx pid=830 uid=1001
gid=1001 scontext=u:r:rild:s0 tcontext=u:object_r:default_prop:s0
tclass=property_service

denied { getattr } for pid=708 comm="servicemanager"
scontext=u:r:servicemanager:s0 tcontext=u:r:folio_daemon:s0
tclass=process

denied { open } for pid=708 comm="servicemanager"
path="/proc/832/attr/current" dev="proc" ino=33917
scontext=u:r:servicemanager:s0 tcontext=u:r:folio_daemon:s0 tclass=file

denied { read } for pid=708 comm="servicemanager" name="current"
dev="proc" ino=33917 scontext=u:r:servicemanager:s0
tcontext=u:r:folio_daemon:s0 tclass=file

denied { search } for pid=708 comm="servicemanager" name="832"
dev="proc" ino=21805 scontext=u:r:servicemanager:s0
tcontext=u:r:folio_daemon:s0 tclass=dir

denied { call } for pid=743 comm="Binder:698_2" scontext=u:r:per_mgr:s0
tcontext=u:r:system_server:s0 tclass=binder

denied { call } for pid=743 comm="Binder:698_2" scontext=u:r:per_mgr:s0
tcontext=u:r:rild:s0 tclass=binder

Bug: 34784662
Test: The above denials are no longer present
Change-Id: I0b09503680bb8e11d5e4ae63033a441e4c03a2cd
2017-04-04 21:53:50 +00:00


# Device-specific rules added to the system_app domain.
# Comments in this file avoid quote characters because part of it sits inside
# an m4 quoted argument.

# Read-only access to directories and files labelled sysfs_msm_subsys.
r_dir_file(system_app, sysfs_msm_subsys)
# Connect to the unix stream socket served by the cnd domain.
unix_socket_connect(system_app, cnd, cnd)
# Read access to properties labelled cnd_prop.
get_prop(system_app, cnd_prop)
# Let system_app register a service labelled cne_service with servicemanager.
# NOTE(review): the mapping from a service name to cne_service is defined in
# service_contexts, which is not visible here - confirm it matches only the
# intended name. Every app that runs in system_app receives this add
# permission, so confirm that a single known component registers the service.
allow system_app cne_service:service_manager add;
# The rules in this block are compiled in for userdebug and eng builds only.
userdebug_or_eng(`
# TODO(b/36734870): Remove this once system_app no longer directly
# accesses data owned by vendor components
# NOTE(review): this attribute presumably exempts system_app from the
# neverallow that keeps core domains away from vendor-owned data - confirm
# against the platform policy, and keep the exemption scoped to this block.
typeattribute system_app vendordata_in_core_violators;
# Read-only access to directories and files labelled ramdump_data_file.
# NOTE(review): presumably these hold subsystem crash dumps, which can carry
# sensitive memory contents - confirm this access never reaches user builds.
allow system_app ramdump_data_file:dir r_dir_perms;
allow system_app ramdump_data_file:file r_file_perms;
# Read access to properties labelled ssr_prop.
get_prop(system_app, ssr_prop)
')