mirror of
https://github.com/Evolution-X-Devices/device_google_walleye
synced 2026-02-01 07:33:36 +00:00
26aecc3452
Added the allow and relevant sysfs_thermal specifications to handle the
following bootup denials:
denied { read write } for pid=795 comm="thermal-engine"
name="trip_point_1_temp" dev="sysfs" ino=43298
scontext=u:r:thermal-engine:s0 tcontext=u:object_r:sysfs_thermal:s0
tclass=file
denied { ioctl write } for pid=761 comm="thermal-engine" path="socket:[18584]"
dev="sockfs" ino=18584 ioctlcmd=c302 scontext=u:r:thermal-engine:s0
tcontext=u:r:thermal-engine:s0 tclass=socket
denied { read } for pid=729 comm="thermal-engine" name="thermal_zone11"
dev="sysfs" ino=43236 scontext=u:r:thermal-engine:s0
tcontext=u:object_r:sysfs_thermal:s0 tclass=dir
denied { search } for pid=783 comm="thermal-engine" name="thermal"
dev="sysfs" ino=42709 scontext=u:r:thermal-engine:s0
tcontext=u:object_r:sysfs_thermal:s0 tclass=dir
Bug: 34784662
Test: The above denials no longer appear during boot
Change-Id: If6fd93e10a85968a16b1266d148b0303ac0e09dd
15 lines
391 B
Plaintext
15 lines
391 B
Plaintext
type thermal-engine, domain;
|
|
type thermal-engine_exec, exec_type, file_type;
|
|
|
|
init_daemon_domain(thermal-engine)
|
|
|
|
allow thermal-engine sysfs_thermal:dir r_dir_perms;
|
|
allow thermal-engine sysfs_thermal:file rw_file_perms;
|
|
|
|
allow thermal-engine self:socket create_socket_perms;
|
|
allowxperm thermal-engine self:socket ioctl msm_sock_ipc_ioctls;
|
|
|
|
userdebug_or_eng(`
|
|
permissive thermal-engine;
|
|
')
|