141c01ba0c
1. avc: denied { find } for pid=889 uid=1064 name=android.hardware.citadel.ICitadeld scontext=u:r:hal_oemlock_citadel:s0 tcontext=u:object_r:citadeld_service:s0 tclass=service_manager permissive=1
2. avc: denied { read } for name="vndbinder" dev="binder" ino=6 scontext=u:r:hal_oemlock_citadel:s0 tcontext=u:object_r:vndbinder_device:s0 tclass=chr_file permissive=1
3. avc: denied { write } for name="vndbinder" dev="binder" ino=6 scontext=u:r:hal_oemlock_citadel:s0 tcontext=u:object_r:vndbinder_device:s0 tclass=chr_file permissive=1
4. avc: denied { open } for path="/dev/binderfs/vndbinder" dev="binder" ino=6 scontext=u:r:hal_oemlock_citadel:s0 tcontext=u:object_r:vndbinder_device:s0 tclass=chr_file permissive=1
5. avc: denied { ioctl } for path="/dev/binderfs/vndbinder" dev="binder" ino=6 ioctlcmd=0x6209 scontext=u:r:hal_oemlock_citadel:s0 tcontext=u:object_r:vndbinder_device:s0 tclass=chr_file permissive=1
6. avc: denied { call } for scontext=u:r:hal_oemlock_citadel:s0 tcontext=u:r:vndservicemanager:s0 tclass=binder permissive=1
Bug: 240932137
Change-Id: I804d925e020f6adfe8cd0c34aedead366c99adc0
10 lines
342 B
Plaintext
10 lines
342 B
Plaintext
type hal_oemlock_citadel, domain;
|
|
type hal_oemlock_citadel_exec, exec_type, vendor_file_type, file_type;
|
|
|
|
vndbinder_use(hal_oemlock_citadel)
|
|
binder_call(hal_oemlock_citadel, citadeld)
|
|
allow hal_oemlock_citadel citadeld_service:service_manager find;
|
|
|
|
hal_server_domain(hal_oemlock_citadel, hal_oemlock)
|
|
init_daemon_domain(hal_oemlock_citadel)
|