Adding init_power allows and supporting file_context/file.te changes.

Adding allows to address the following list of bootup denials:

denied { search } for pid=629 comm="init.power.sh" name="msm_thermal"
dev="sysfs" ino=24282 scontext=u:r:init_power:s0
tcontext=u:object_r:sysfs_thermal:s0 tclass=dir

denied { open } for pid=630 comm="cat" path="/sys/devices/soc0/revision"
dev="sysfs" ino=50285 scontext=u:r:init_power:s0
tcontext=u:object_r:sysfs:s0 tclass=file

denied { read } for pid=630 comm="cat" name="revision" dev="sysfs"
ino=50285 scontext=u:r:init_power:s0 tcontext=u:object_r:sysfs:s0
tclass=file

denied { execute_no_trans } for pid=630 comm="init.power.sh"
path="/system/bin/toybox" dev="sda20" ino=509 scontext=u:r:init_power:s0
tcontext=u:object_r:toolbox_exec:s0 tclass=file

denied { read open } for pid=630 comm="init.power.sh"
path="/system/bin/toybox" dev="sda20" ino=509 scontext=u:r:init_power:s0
tcontext=u:object_r:toolbox_exec:s0 tclass=file

denied { execute } for pid=630 comm="init.power.sh" name="toybox"
dev="sda20" ino=509 scontext=u:r:init_power:s0
tcontext=u:object_r:toolbox_exec:s0 tclass=file

denied { getattr } for pid=630 comm="init.power.sh"
path="/system/bin/toybox" dev="sda20" ino=509 scontext=u:r:init_power:s0
tcontext=u:object_r:toolbox_exec:s0 tclass=file

denied { read } for pid=629 comm="init.power.sh" path="/system/bin/sh"
dev="sda20" ino=469 scontext=u:r:init_power:s0
tcontext=u:object_r:shell_exec:s0 tclass=file

denied { getattr } for pid=629 comm="init.power.sh"
path="/system/bin/sh" dev="sda20" ino=469 scontext=u:r:init_power:s0
tcontext=u:object_r:shell_exec:s0 tclass=file

denied { write } for pid=629 comm="init.power.sh" name="online"
dev="sysfs" ino=15416 scontext=u:r:init_power:s0
tcontext=u:object_r:sysfs_devices_system_cpu:s0 tclass=file

denied { open } for pid=629 comm="init.power.sh"
path="/sys/module/msm_thermal/core_control/enabled" dev="sysfs"
ino=50644 scontext=u:r:init_power:s0
tcontext=u:object_r:sysfs_thermal:s0 tclass=file

denied { write } for pid=629 comm="init.power.sh" name="enabled"
dev="sysfs" ino=50644 scontext=u:r:init_power:s0
tcontext=u:object_r:sysfs_thermal:s0 tclass=file

denied { search } for pid=630 comm="cat" name="soc0" dev="sysfs"
ino=50280 scontext=u:r:init_power:s0 tcontext=u:object_r:sysfs_soc:s0
tclass=dir

Bug: 34784662
Test: The above denials no longer appear during bootup
Change-Id: I38c7d115e8afe66a5eaa1e9b3a70acebbb806010
This commit is contained in:
Max Bires
2017-02-14 16:29:03 -08:00
parent e64551091e
commit 5e84c2774f
3 changed files with 13 additions and 0 deletions


@@ -1,5 +1,7 @@
type sysfs_graphics, sysfs_type, fs_type;
type sysfs_camera, sysfs_type, fs_type;
type sysfs_soc, sysfs_type, fs_type;
type qmuxd_socket, file_type;
type netmgrd_socket, file_type;
type thermal_socket, file_type;


@@ -47,6 +47,7 @@
/sys/module/msm_thermal(/.*)? u:object_r:sysfs_thermal:s0
/sys/devices/virtual/graphics/fb([0-2])+/idle_time u:object_r:sysfs_graphics:s0
/sys/devices/soc/8c0000\.qcom,msm-cam(/.*)? u:object_r:sysfs_camera:s0
/sys/devices/soc0(/.*)? u:object_r:sysfs_soc:s0
# files in /system
/system/bin/init\.power\.sh u:object_r:init_power_exec:s0
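Review bot: The new `/sys/devices/soc0(/.*)? u:object_r:sysfs_soc:s0` entry only takes effect once the sysfs tree has been relabeled at boot; the denials in the description show `/sys/devices/soc0/revision` still carrying the generic `sysfs` label, and the policy hunk grants `init_power` access to `sysfs_soc` rather than `sysfs`, so init.power.sh has to run after that relabel for the fix to hold. The Test line indicates it does, but the ordering dependency is not recorded anywhere in the change. A short comment next to the entry would capture it, e.g. `# read by init.power.sh (soc0/revision); relies on sysfs being relabeled before the script runs`.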


@@ -3,6 +3,16 @@ type init_power_exec, exec_type, file_type;
init_daemon_domain(init_power)
allow init_power shell_exec:file rx_file_perms;
allow init_power toolbox_exec:file rx_file_perms;
allow init_power sysfs_thermal:dir search;
allow init_power sysfs_thermal:file w_file_perms;
allow init_power sysfs_devices_system_cpu:file w_file_perms;
allow init_power sysfs_soc:file r_file_perms;
allow init_power sysfs_soc:dir search;
userdebug_or_eng(`
permissive init_power;
')
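Review bot: `allow init_power sysfs_thermal:file w_file_perms;` grants write on every file labeled `sysfs_thermal`, which per the file_contexts hunk is all of `/sys/module/msm_thermal`, while the only thermal node in the listed denials is `core_control/enabled`. If that single node is all the script writes, giving `/sys/module/msm_thermal/core_control/enabled` its own type and granting `w_file_perms` on that type keeps the rest of the thermal tree unwritable from this domain; the same reasoning applies to `allow init_power sysfs_devices_system_cpu:file w_file_perms;`, where the denial names only `online`, though that type appears to come from platform policy so narrowing it may be less practical. A comment recording what the script touches would help later audits of this domain, e.g. `# init.power.sh: writes msm_thermal core_control/enabled and cpu online nodes, reads soc0/revision`. The rendered page does not show whether the `userdebug_or_eng` permissive block is new or pre-existing; if it is new, a TODO to drop it once the domain is clean in enforcing mode would be worth adding. The `type init_power` declaration sits above the hunk and is not visible here.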