device_google_wahoo/sepolicy/hal_drm_default.te
Max Bires 55f59017a0 Adding file_contexts and allows that stopped boot in enforcing.
At some point, changes were checked in that broke enforcing mode. The
following denials should now be fixed:

denied { read } for pid=15 comm="kworker/1:0" name="slpi_v2.b12"
dev="sda20" ino=369 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_file:s0
tclass=file

denied { read } for pid=580 comm="vold"
name="android.hardware.keymaster@3.0-impl.so" dev="sda20" ino=802
scontext=u:r:vold:s0 tcontext=u:object_r:vendor_file:s0 tclass=file

denied { read } for pid=779 comm="keystore"
name="android.hardware.keymaster@3.0-impl.so" dev="sda20" ino=802
scontext=u:r:keystore:s0 tcontext=u:object_r:vendor_file:s0 tclass=file

denied { search read open } for pid=772 comm="port-bridge"
name="msm_subsys" dev="sysfs" ino=18985 scontext=u:r:port-bridge:s0
tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=dir

denied { read } for pid=772 comm="port-bridge" name="name" dev="sysfs"
ino=34583 scontext=u:r:port-bridge:s0
tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=file

denied { read } for pid=772 comm="port-bridge" name="subsys0"
dev="sysfs" ino=34591 scontext=u:r:port-bridge:s0
tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=lnk_file

denied { search } for pid=772 comm="port-bridge" name="soc0" dev="sysfs"
ino=51157 scontext=u:r:port-bridge:s0 tcontext=u:object_r:sysfs_soc:s0
tclass=dir

denied { read open getattr } for pid=772 comm="port-bridge"
name="soc_id" dev="sysfs" ino=51161 scontext=u:r:port-bridge:s0
tcontext=u:object_r:sysfs_soc:s0 tclass=file

denied { read write } for pid=4417 comm="android.hardwar"
name="vndbinder" dev="tmpfs" ino=17743 scontext=u:r:hal_drm_default:s0
tcontext=u:object_r:vndbinder_device:s0 tclass=chr_file

denied { read } for pid=3980 comm="m.android.phone"
name="libimsmedia_jni.so" dev="sda20" ino=918 scontext=u:r:radio:s0
tcontext=u:object_r:vendor_file:s0 tclass=file

denied { search } for pid=512 comm="ueventd" name="firmware" dev="sda41"
ino=246 scontext=u:r:ueventd:s0
tcontext=u:object_r:vendor_firmware_file:s0 tclass=dir

denied { read } for pid=1279 comm="ueventd" name="a530_pm4.fw"
dev="sda41" ino=251 scontext=u:r:ueventd:s0
tcontext=u:object_r:vendor_firmware_file:s0 tclass=file

Bug: 34784662
Bug: 37438752
Test: The phone successfully boots again
Change-Id: I21d9dc0f60b2cf383c66f8806eed1e1a83367c25
2017-04-19 15:35:38 -07:00


allow hal_drm_default vndbinder_device:chr_file rw_file_perms;
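
An added example, not part of the original commit or the project's tooling: a small Python parser that turns AVC denials like the ones quoted in the commit message into the narrowest matching allow rules, for comparison with the rule in this file. The function names and the sample string are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: three denials from the commit message above, kept in the
# wrapped form in which the message quotes them.
SAMPLE = '''
denied { read write } for pid=4417 comm="android.hardwar"
name="vndbinder" dev="tmpfs" ino=17743 scontext=u:r:hal_drm_default:s0
tcontext=u:object_r:vndbinder_device:s0 tclass=chr_file

denied { search read open } for pid=772 comm="port-bridge"
name="msm_subsys" dev="sysfs" ino=18985 scontext=u:r:port-bridge:s0
tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=dir

denied { read } for pid=772 comm="port-bridge" name="name" dev="sysfs"
ino=34583 scontext=u:r:port-bridge:s0
tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=file
'''

# Contexts are user:role:type:level; only the type field is used in allow rules.
DENIAL = re.compile(
    r'denied\s+\{\s*(?P<perms>[^}]*?)\s*\}.*?'
    r'scontext=[^:\s]+:[^:\s]+:(?P<src>[^:\s]+):\S*\s+'
    r'tcontext=[^:\s]+:[^:\s]+:(?P<tgt>[^:\s]+):\S*\s+'
    r'tclass=(?P<cls>\w+)')

def parse_denials(text):
    """Map (source type, target type, class) -> set of denied permissions."""
    flat = " ".join(text.split())  # undo line wrapping inside each denial
    rules = defaultdict(set)
    for m in DENIAL.finditer(flat):
        rules[(m["src"], m["tgt"], m["cls"])].update(m["perms"].split())
    return dict(rules)

def to_allow_rules(rules):
    """Render merged denials as minimal candidate allow rules, sorted."""
    out = []
    for (src, tgt, cls), perms in sorted(rules.items()):
        p = sorted(perms)
        perm_text = p[0] if len(p) == 1 else "{ " + " ".join(p) + " }"
        out.append(f"allow {src} {tgt}:{cls} {perm_text};")
    return out

if __name__ == "__main__":
    for rule in to_allow_rules(parse_denials(SAMPLE)):
        print(rule)
```

For the hal_drm_default denial this yields `allow hal_drm_default vndbinder_device:chr_file { read write };`, whereas the committed rule grants the rw_file_perms macro, which covers more permissions than the two that were denied.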