890796a889
avc: denied { read } for name="u:object_r:vendor_chre_hal_prop:s0" dev="tmpfs" ino=401 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:vendor_chre_hal_prop:s0 tclass=file
avc: denied { find } for pid=900 uid=1021 name=android.hardware.contexthub.IContextHub/default scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:hal_contexthub_service:s0 tclass=service_manager
avc: denied { call } for scontext=u:r:hal_gnss_pixel:s0 tcontext=u:r:hal_contexthub_default:s0 tclass=binder
avc: denied { call } for scontext=u:r:hal_contexthub_default:s0 tcontext=u:r:hal_gnss_pixel:s0 tclass=binder
avc: denied { search } for name="gps" dev="dm-54" ino=380 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:vendor_gps_file:s0 tclass=dir
avc: denied { write } for name="gps" dev="dm-54" ino=380 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:vendor_gps_file:s0 tclass=dir
avc: denied { add_name } for name=".pps_pipe" scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:vendor_gps_file:s0 tclass=dir
avc: denied { create } for name=".pps_pipe" scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:vendor_gps_file:s0 tclass=fifo_file
avc: denied { read } for name=".pps_pipe" dev="dm-54" ino=11418 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:vendor_gps_file:s0 tclass=fifo_file
avc: denied { open } for path="/data/vendor/gps/.pps_pipe" dev="dm-54" ino=11418 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:vendor_gps_file:s0 tclass=fifo_file permissive=1
avc: denied { write } for name=".pps_pipe" dev="dm-54" ino=11418 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:vendor_gps_file:s0 tclass=fifo_file
avc: denied { search } for name="gps" dev="dm-49" ino=380 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:vendor_gps_file:s0 tclass=dir
avc: denied { write } for name=".ppspipe" dev="dm-49" ino=18610 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:vendor_gps_file:s0 tclass=fifo_file
avc: denied { write } for name="gps" dev="dm-54" ino=380 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:vendor_gps_file:s0 tclass=dir
avc: denied { open } for path="/data/vendor/gps/.ppspipe" dev="dm-49" ino=18610 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:vendor_gps_file:s0 tclass=fifo_file
avc: denied { remove_name } for name=".pps_pipe" dev="dm-54" ino=11712 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:vendor_gps_file:s0 tclass=dir
avc: denied { unlink } for name=".pps_pipe" dev="dm-59" ino=6600 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:vendor_gps_file:s0 tclass=fifo_file
Bug: 330120749
Test: Verify PixelGnss HAL can connect to Chre HAL.
Test: Function test verification b/330120749.
Test: b/330120749#comment24 health boot check.
Test: b/330120749#comment25 health boot check.
Change-Id: I100ae061cfcbba17a26ece79eb552d60aa782d79
27 lines
797 B
Plaintext
27 lines
797 B
Plaintext
type hal_gnss_pixel, domain;
|
|
hal_server_domain(hal_gnss_pixel, hal_gnss)
|
|
|
|
type hal_gnss_pixel_exec, exec_type, vendor_file_type, file_type;
|
|
init_daemon_domain(hal_gnss_pixel)
|
|
|
|
#IPC between pixel and vendor HAL
|
|
binder_call(hal_gnss_pixel, hal_gnss_default)
|
|
|
|
#Read modem state
|
|
allow hal_gnss_pixel sysfs_modem_state:file r_file_perms;
|
|
|
|
#Toggle coredump node
|
|
allow hal_gnss_pixel sysfs_gps:file rw_file_perms;
|
|
|
|
# Allow access to CHRE multiclient HAL.
|
|
get_prop(hal_gnss_pixel, vendor_chre_hal_prop)
|
|
|
|
# Allow binder to CHRE.
|
|
binder_call(hal_gnss_pixel, hal_contexthub_default)
|
|
allow hal_gnss_pixel hal_contexthub_service:service_manager find;
|
|
|
|
# Allow connect to gnss service
|
|
allow hal_gnss_pixel vendor_gps_file:dir create_dir_perms;
|
|
allow hal_gnss_pixel vendor_gps_file:fifo_file create_file_perms;
|
|
|