drgreen/android_device_google_gs-common
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
android_device_google_gs-co.../gps/pixel/sepolicy/hal_gnss_pixel.te
Cheng Chang bb3522634e sepolicy: Allow hal_gnss_pixel access sscoredump file 
avc:  denied  { read } for  name="ssrdump" dev="dm-48" ino=404 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:sscoredump_vendor_data_crashinfo_file:s0 tclass=dir permissive=0
avc:  denied  { search } for  name="ssrdump" dev="dm-48" ino=404 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:sscoredump_vendor_data_crashinfo_file:s0 tclass=dir permissive=0
avc:  denied  { read } for  name="ssrdump" dev="dm-48" ino=404 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:sscoredump_vendor_data_crashinfo_file:s0 tclass=dir permissive=1
avc:  denied  { open } for  path="/data/vendor/ssrdump" dev="dm-48" ino=404 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:sscoredump_vendor_data_crashinfo_file:s0 tclass=dir permissive=1
avc:  denied  { search } for  name="ssrdump" dev="dm-48" ino=404 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:sscoredump_vendor_data_crashinfo_file:s0 tclass=dir permissive=1
avc:  denied  { getattr } for  path="/data/vendor/ssrdump/crashinfo_gnss_2024-05-22_16-00-45.txt" dev="dm-48" ino=19897 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:sscoredump_vendor_data_crashinfo_file:s0 tclass=file permissive=1
avc:  denied  { read } for  name="crashinfo_modem_2024-05-22_16-34-51.txt" dev="dm-48" ino=20760 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:sscoredump_vendor_data_crashinfo_file:s0 tclass=file permissive=1

Bug: 341224300
Test: b/341224300#comment13 abtd boot health check.
Test: b/341224300 SST test verification.
Change-Id: Ie2b55cb487e7e801a0199b1e9dd9ad16f1e3d682
2024-06-03 03:10:11 +00:00

30 lines
986 B
Plaintext
Raw Blame History

type hal_gnss_pixel, domain;
hal_server_domain(hal_gnss_pixel, hal_gnss)
type hal_gnss_pixel_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(hal_gnss_pixel)
#IPC between pixel and vendor HAL
binder_call(hal_gnss_pixel, hal_gnss_default)
#Read modem state
allow hal_gnss_pixel sysfs_modem_state:file r_file_perms;
#Toggle coredump node
allow hal_gnss_pixel sysfs_gps:file rw_file_perms;
# Allow access to CHRE multiclient HAL.
get_prop(hal_gnss_pixel, vendor_chre_hal_prop)
# Allow binder to CHRE.
binder_call(hal_gnss_pixel, hal_contexthub_default)
allow hal_gnss_pixel hal_contexthub_service:service_manager find;
# Allow connect to gnss service
allow hal_gnss_pixel vendor_gps_file:dir create_dir_perms;
allow hal_gnss_pixel vendor_gps_file:fifo_file create_file_perms;
# Allow access ssrdump information
allow hal_gnss_pixel sscoredump_vendor_data_crashinfo_file:file r_file_perms;
allow hal_gnss_pixel sscoredump_vendor_data_crashinfo_file:dir r_dir_perms;
Reference in New Issue View Git Blame Copy Permalink