msm8974-common: sepolicy: Label sysfs_sensors, resolve denials

* avc: denied { read } for name="ssp_sensor" dev="sysfs" ino=27809
  scontext=u:r:init:s0 tcontext=u:object_r:sysfs_sensors:s0
  tclass=lnk_file permissive=1
* avc: denied { setattr } for name="temperature" dev="sysfs" ino=10861
  scontext=u:r:init:s0 tcontext=u:object_r:sysfs_sensors:s0
  tclass=file permissive=0

Change-Id: I2e4a436704ed019af153da880d7becbde4b0ab11
This commit is contained in:
Kevin F. Haggerty 2018-11-14 20:08:14 -07:00
parent c39a735ab5
commit 1f52307ccb
No known key found for this signature in database
GPG Key ID: 6D95512933112729
2 changed files with 5 additions and 0 deletions

View File

@ -82,3 +82,6 @@
/sys/devices/virtual/sec/sec_touchkey(/.*)? u:object_r:sysfs_sec_touchkey:s0
/sys/devices/virtual/sec/switch(/.*)? u:object_r:sysfs_sec_switch:s0
/sys/devices/virtual/sec/tsp(/.*)? u:object_r:sysfs_sec_tsp:s0
# sysfs - sensors
/sys/devices/virtual/sensors(/.*)? u:object_r:sysfs_sensors:s0

View File

@ -1,6 +1,7 @@
allow init {
sysfs_iio
sysfs_sec_tsp
sysfs_sensors
}:lnk_file read;
allow init sysfs_input:file rw_file_perms;
@ -24,6 +25,7 @@ allow init {
sysfs_sec_thermistor
sysfs_sec_touchkey
sysfs_sec_tsp
sysfs_sensors
}:file setattr;
allow init {