23 Commits

Author SHA1 Message Date
kamikaonashi
a8461456cd stone: sepolicy: drop ims, iqtiradio
this caused splash loop

Signed-off-by: Arijit78 <sahaarijit2007@gmail.com>
2024-08-21 04:37:22 +00:00
kamikaonashi
7591349103 stone: sepolicy: add rules for haptics change
Signed-off-by: Arijit78 <sahaarijit2007@gmail.com>
2024-07-06 06:38:32 +00:00
kamikaonashi
47292224d5 stone: address sepolicy denials
Co-Authored-By: Onett Boots <90538882+onettboots@users.noreply.github.com>
2024-05-07 22:58:32 +02:00
kamikaonashi
7d4c2f09c7 stone: drop duplicate vendor.camera.aux.packagelist
2024-05-07 22:47:27 +02:00
kamikaonashi
17e30d6474 sm6375-common: import XiaomiParts and adapt for stone
imported and adapted xiaomiparts from https://github.com/AlphaDroid-devices/device_xiaomi_sm8350-common/tree/alpha-13/parts

with thermal profiles, per app refresh rate, speaker cleaner
2024-05-07 22:40:18 +02:00
Andy | アンディ
3fbc1877d3 Revert "sm6375-common: Allow system_susped to read sysfs"
This reverts commit 779e212afd.
2023-09-08 15:44:25 +08:00
Andy | アンディ
8c3b9eb1f1 sm6375-common: sepolicy: Mark sys.fp.vendor as exported_system_prop
2023-09-08 15:12:50 +08:00
Andy | アンディ
3d09a3ae15 sm6375-common: sepolicy: Allow to set (ro.qc.sdk.audio. & persist.audio.fluence.)
07-08 05:12:16.032     0     0 E init    : Do not have permissions to set 'ro.qc.sdk.audio.ssr' to 'false' in property file '/vendor/build.prop': SELinux permission check failed
07-08 05:12:16.032     0     0 E init    : Do not have permissions to set 'ro.qc.sdk.audio.fluencetype' to 'fluence' in property file '/vendor/build.prop': SELinux permission check failed
07-08 05:12:16.032     0     0 E init    : Do not have permissions to set 'persist.audio.fluence.voicecall' to 'true' in property file '/vendor/build.prop': SELinux permission check failed
07-08 05:12:16.032     0     0 E init    : Do not have permissions to set 'persist.audio.fluence.voicerec' to 'true' in property file '/vendor/build.prop': SELinux permission check failed
07-08 05:12:16.032     0     0 E init    : Do not have permissions to set 'persist.audio.fluence.speaker' to 'true' in property file '/vendor/build.prop': SELinux permission check failed
07-08 05:12:16.032     0     0 E init    : Do not have permissions to set 'persist.audio.fluence.voicecomm' to 'true' in property file '/vendor/build.prop': SELinux permission check failed
2023-09-08 14:48:34 +08:00
Andy | アンディ
28f4765010 sm6375-common: sepolicy: Mark ro.factory_mode as exported_default_prop
2023-09-08 14:48:08 +08:00
Andy | アンディ
0c90175e1f sm6375-common: sepolicy: Mark wifi.pktlog.debug.0.chen as exported_system_prop
2023-09-08 14:47:38 +08:00
Andy | アンディ
2cf7bb4e17 sm6375-common: sepolicy: Don't audit odrefresh to killing process
07-07 10:07:50.071   754   754 I auditd  : type=1400 audit(0.0:9): avc: denied { kill } for comm="odrefresh" capability=5 scontext=u:r:odrefresh:s0 tcontext=u:r:odrefresh:s0 tclass=capability permissive=0
2023-09-07 14:27:35 +08:00
Andy | アンディ
779e212afd sm6375-common: Allow system_susped to read sysfs
2023-09-05 22:37:26 +08:00
Adithya R
ed057fb734 sm6375-common: sepolicy: Permissive recovery only in userdebug/eng
User builds do not allow permissive domains.

Change-Id: Idbf04be9c83fb2f33ac4c592306d790a7d10a36e
Signed-off-by: chrisl7 <wandersonrodriguesf1@gmail.com>
2023-08-25 23:05:49 +07:00
chrisl7
863611c9ba sm6375-common: sepolicy: Label missing ro.boot definitions
Signed-off-by: chrisl7 <wandersonrodriguesf1@gmail.com>
2023-08-25 20:45:26 +07:00
Zinadin Zidan
e5eb29b5b4 sm6375-common: sepolicy: Fix violations to pass VTS
******************************
5 violations found:
camera.                                 u:object_r:vendor_camera_prop:s0
ro.camera.                              u:object_r:vendor_camera_prop:s0
sys.boot.hwc                            u:object_r:vendor_camera_prop:s0
sys.fp.vendor                           u:object_r:vendor_fingerprint_prop:s0
wifi.interface                          u:object_r:wifi_hal_prop:s0
******************************
device/xiaomi/sm6375-common/sepolicy/vendor/property_contexts contains properties
which are not properly namespaced.
This is enforced by VTS, so please fix such offending properties.

Co-authored-by: chrisl7 <wandersonrodriguesf1@gmail.com>
Change-Id: Ib1065171df107306da27066b0d8d8c444dd3bfe5
2023-07-19 00:51:31 +07:00
chrisl7
1e554bd2a1 sm6375-common: Fix sys.fp.miui.token spam
07-18 21:53:34.773  1463  4222 W libc    : Access denied finding property sys.fp.miui.token
07-18 21:53:34.769  1463  1463 W /vendor/bin/hw/android.hardware.biometrics.fingerprint@2.3-service.xiaomi: type=1400 audit(0.0:274): avc: denied { read } for comm=504F5349582074696D65722031 name=u:object_r:system_prop:s0 dev=tmpfs ino=11254 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:system_prop:s0 tclass=file permissive=0

Signed-off-by: chrisl7 <wandersonrodriguesf1@gmail.com>
Change-Id: Ia0d1629351bf9992115bbd26984d3714bfef0925
2023-07-18 23:27:02 +07:00
Peter Cai
140cb9d3b0 sm6375-common: sepolicy: Make recovery permissive
Change-Id: I5b273c9c10b7c69df82fdf1c5c341385abddfec2
2023-07-05 02:59:09 +07:00
nnippon99
546e0114a9 sm6375-common: sepolicy: address ro.miui.build.region denial
Signed-off-by: nnippon99 <adamayyad1999@hotmail.com>
2023-07-05 02:59:09 +07:00
nnippon99
26be43ff39 [SQUASH] sm6375-common: sepolicy: Address more denials
* This is a squash commit from nnippon99:thirteen

veux: Address some missing denials

veux: Address wcnss denials

veux: Set ro.product.mod_device correctly and label sepolicy for it
* Properly set ro.product.mod_device depending on variant
* This is needed for MIUICamera to work

veux: Add support for MiuiCamera!

veux: sepolicy: allow last_kmsg and fix denial
W init    : type=1400 audit(0.0:7): avc: denied { setattr } for name="last_kmsg" dev="proc" ino=4026532174 scontext=u:r:init:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=0

W BootReceiver: cannot read last msg
W BootReceiver: java.io.FileNotFoundException: /proc/last_kmsg: open failed: EACCES (Permission denied)
W BootReceiver:	at libcore.io.IoBridge.open(IoBridge.java:574)
W BootReceiver:	at java.io.FileInputStream.<init>(FileInputStream.java:160)
W BootReceiver:	at android.os.FileUtils.readTextFile(FileUtils.java:637)
W BootReceiver:	at com.android.server.BootReceiver.logFsShutdownTime(BootReceiver.java:649)
W BootReceiver:	at com.android.server.BootReceiver.logBootEvents(BootReceiver.java:305)
W BootReceiver:	at com.android.server.BootReceiver.-$$Nest$mlogBootEvents(Unknown Source:0)
W BootReceiver:	at com.android.server.BootReceiver$1.run(BootReceiver.java:139)
W BootReceiver: Caused by: android.system.ErrnoException: open failed: EACCES (Permission denied)
W BootReceiver:	at libcore.io.Linux.open(Native Method)
W BootReceiver:	at libcore.io.ForwardingOs.open(ForwardingOs.java:563)
W BootReceiver:	at libcore.io.BlockGuardOs.open(BlockGuardOs.java:274)
W BootReceiver:	at libcore.io.IoBridge.open(IoBridge.java:560)
W BootReceiver:	... 6 more

veux: sepolicy: Fix logspam
* This is a SQUASH commit for multiple commits for fixing some logspam

veux: sepolicy: Label more sysfs wakeup nodes

veux: sepolicy: Label more graphics nodes
E WiredAccessoryManager: file /sys/devices/platform/soc/soc:qcom,msm-ext-disp/extcon/extcon3/name not found
E WiredAccessoryManager: file /sys/devices/platform/soc/soc:qcom,msm-ext-disp/extcon/extcon2/name not found
E WiredAccessoryManager: file /sys/devices/platform/soc/soc:qcom,msm-ext-disp/extcon/extcon1/name not found
E WiredAccessoryManager: file /sys/devices/platform/soc/soc:qcom,msm-ext-disp/extcon/extcon0/name not found

veux: sepolicy: address radio.qcriNvOpt hwservice denial

veux: sepolicy: Allow user apps to read proc/zoneinfo files

* E nightwatch-target: /proc/zoneinfo open: errno=13
* E nightwatch-target: sysmeminfo parse failed

* avc: denied { read } for name="zoneinfo" dev="proc" ino=4026531859 scontext=u:r:untrusted_app:s0:c61,c257,c512,c768 tcontext=u:object_r:proc_zoneinfo:s0 tclass=file permissive=0 app=com.facebook.katana

veux: sepolicy: Fix Build errors

veux: sepolicy: Resolve qemu_hw_prop denial

avc: denied { read } for name="u:object_r:qemu_hw_prop:s0" dev="tmpfs" ino=1316 scontext=u:r:system_app:s0 tcontext=u:object_r:qemu_hw_prop:s0 tclass=file permissive=0

veux: sepolicy: Fix isolated_app denial

avc: denied { setattr } for comm="CrUtilityMain" name="commands.json" dev="mmcblk0p42" ino=1251111 scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c153,c256,c512,c768 tclass=file permissive=0
avc: denied { setattr } for comm="CrUtilityMain" name="commands.json" dev="mmcblk0p42" ino=1251111 scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c153,c256,c512,c768 tclass=file permissive=0
avc: denied { setattr } for comm="CrUtilityMain" name="f2" dev="mmcblk0p42" ino=1251128 scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c153,c256,c512,c768 tclass=file permissive=0
avc: denied { setattr } for comm="CrUtilityMain" name="f2" dev="mmcblk0p42" ino=1251128 scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c153,c256,c512,c768 tclass=file permissive=0

veux: Label some radio property
W libc    : Unable to set property "ro.vendor.ril.svlte1x" to "false": error code: 0xb
W libc    : Unable to set property "ro.vendor.ril.svdo" to "false": error code: 0xb

veux: prop: set some props and fix log
W libc    : Unable to set property "ro.telephony.call_ring.multiple" to "false": error code: 0xb
W libc    : Unable to set property "ro.vendor.ril.svlte1x" to "false": error code: 0xb
W libc    : Unable to set property "ro.vendor.ril.svdo" to "false": error code: 0xb

veux: sepolicy: fix some denials
* Rearranges sepolicy/vendor/genfs_contexts properly too

W libc    : Access denied finding property "ro.miui.singlesim"
W libc    : Access denied finding property "ro.product.marketname"
W libc    : Access denied finding property "ro.miui.ui.version.code"
W libc    : Access denied finding property "ro.hardware.chipname"
W libc    : Access denied finding property "ro.vendor.aware_available"
W libc    : Access denied finding property "ro.vendor.gfx.32bit.target"

W libc    : Access denied finding property 'wifi.interface'

W binder:2540_3: type=1400 audit: avc: denied { open } for path="/dev/__properties__/u:object_r:vendor_aware_available_prop:s0" dev="tmpfs" ino=1946 scontext=u:r:system_app:s0 tcontext=u:object_r:vendor_aware_available_prop:s0 tclass=file permissive=0

E android.system.suspend@1.0-service: Error opening kernel wakelock stats for: wakeup63 (../../devices/virtual/misc/msm_g711mlaw/wakeup63): Permission denied

E android.system.suspend@1.0-service: Error opening kernel wakelock stats for: wakeup58 (../../devices/virtual/misc/msm_amrwb/wakeup58): Permission denied

veux: sepolicy: Allow perf hal to read graphics composer
W/perf@2.2-servic(882): type=1400 audit(0.0:120396): avc: denied { search } for name="880" dev="proc" ino=394316 scontext=u:r:vendor_hal_perf_default:s0 tcontext=u:r:hal_graphics_composer_default:s0 tclass=dir permissive=0

veux: sepolicy: fix denial
avc: denied { read } for comm="e2fsck" name="sde26" dev="tmpfs" ino=15571 scontext=u:r:fsck:s0 tcontext=u:object_r:vendor_custom_ab_block_device:s0 tclass=blk_file permissive=0
avc: denied { read write } for comm="e2fsck" name="sde26" dev="tmpfs" ino=15571 scontext=u:r:fsck:s0 tcontext=u:object_r:vendor_custom_ab_block_device:s0 tclass=blk_file permissive=0

veux: sepolicy: Fix avc denials related to vendor/toolbox.te
avc: denied { kill } for comm="mkswap" capability=5 scontext=u:r:toolbox:s0 tcontext=u:r:toolbox:s0 tclass=capability permissive=0

veux: sepolicy: Resolve system_app denial

veux: sepolicy: KANG missing entries from sm8350-common

Signed-off-by: nnippon99 <adamayyad1999@hotmail.com>
Change-Id: Ica2495d4c2833b0c0509db802115ca720cc7511a
2023-07-05 02:59:01 +07:00
daniml3
8dfc22528b sm6375-common: sepolicy: Silence system_suspend denials
Change-Id: I71ae8fbdbdb9101298e82de47aace1af72db8c55
2023-06-30 17:27:36 +07:00
Ivan Vecera
5edcc73369 sm6375-common: sepolicy: Allow system_app to access zram sysfs nodes
04-22 09:15:37.459 19569 19569 I auditd  : type=1400 audit(0.0:570): avc: denied { search } for comm="pool-2-thread-1" name="zram0" dev="sysfs" ino=48559 scontext=u:r:system_app:s0 tcontext=u:object_r:sysfs_zram:s0 tclass=dir permissive=0
04-22 09:15:37.459 19569 19569 I auditd  : type=1400 audit(0.0:571): avc: denied { search } for comm="pool-2-thread-1" name="zram0" dev="sysfs" ino=48559 scontext=u:r:system_app:s0 tcontext=u:object_r:sysfs_zram:s0 tclass=dir permissive=0

Change-Id: Ib8ec06a46239cb6cd8739e888a9abdb88b753b77
2023-06-30 17:26:35 +07:00
Ramii Ahmed
9764d3d544 sm6375-common: add missing mlipay sepolicy from Xiaomi-SM8250 tree
up to HEAD:e2aab9679fea15a8ee0bbf5876bbeb140292e29c

Change-Id: Ic68fb82a72954d8eb94314e79733ac71fbaec221
2022-09-04 13:00:32 +00:00
Ramii Ahmed
4abebb1669 sm6375-common: initial SEPolicy
Co-authored-by: Cosmin Tanislav <demonsingur@gmail.com>
Co-authored-by: Arian <arian.kulmer@web.de>
Co-authored-by: ItsVixano <giovanniricca@protonmail.com>
Change-Id: I2ab2e0b5981ec8044c22caa3ff41ba094ccadf38
2022-09-04 12:59:40 +00:00