msm8974-common: sepolicy: Resolve init denials
* avc: denied { write } for name="enable_adaptive_lmk" dev="sysfs"
ino=6724 scontext=u:r:init:s0
tcontext=u:object_r:sysfs_lowmemorykiller:s0 tclass=file permissive=1
* avc: denied { open } for name="enable_adaptive_lmk" dev="sysfs"
ino=6724 scontext=u:r:init:s0
tcontext=u:object_r:sysfs_lowmemorykiller:s0 tclass=file
permissive=1
* avc: denied { setattr } for name="firmware_path" dev="sysfs"
ino=6423 scontext=u:r:init:s0
tcontext=u:object_r:sysfs_wifi_writeable:s0 tclass=file
permissive=1
* avc: denied { write } for name="l2" dev="sysfs" ino=29063
scontext=u:r:init:s0 tcontext=u:object_r:sysfs_msm_power:s0
tclass=file permissive=1
* avc: denied { open } for name="l2" dev="sysfs" ino=29063
scontext=u:r:init:s0 tcontext=u:object_r:sysfs_msm_power:s0
tclass=file permissive=1
* avc: denied { write } for name="enabled" dev="sysfs" ino=29716
scontext=u:r:init:s0 tcontext=u:object_r:sysfs_thermal:s0
tclass=file permissive=1
* avc: denied { write } for name="online" dev="sysfs" ino=5871
scontext=u:r:init:s0 tcontext=u:object_r:sysfs_devices_system_cpu:s0
tclass=file permissive=1
* avc: denied { write } for name="boost_ms" dev="sysfs" ino=6652
scontext=u:r:init:s0 tcontext=u:object_r:sysfs_cpu_boost:s0
tclass=file permissive=1
* avc: denied { open } for name="boost_ms" dev="sysfs" ino=6652
scontext=u:r:init:s0 tcontext=u:object_r:sysfs_cpu_boost:s0
tclass=file permissive=1
* avc: denied { setattr } for name="min_pwrlevel" dev="sysfs"
ino=19546 scontext=u:r:init:s0 tcontext=u:object_r:sysfs_kgsl:s0
tclass=file permissive=0
* avc: denied { setattr } for name="enabled" dev="sysfs" ino=23417
scontext=u:r:init:s0 tcontext=u:object_r:sysfs_hal_pwr:s0
tclass=file permissive=1
* avc: denied { setattr } for name="rear_camfw" dev="sysfs" ino=24404
scontext=u:r:init:s0 tcontext=u:object_r:sysfs_camera:s0
tclass=file permissive=1
* avc: denied { check_context } for scontext=u:r:init:s0
tcontext=u:object_r:kernel:s0 tclass=security permissive=0
Change-Id: Id7f78abedea2209f84527b1b83259574d06a0900
This commit is contained in:
Kevin F. Haggerty
parent
7fb5a8c6cb
commit
7e3f9a566d
@ -1,3 +1,9 @@
|
|||||||
|
# This really is necessary for init.qcom.rc to manually restorecon the
|
||||||
|
# /data/data/com.android.providers.telephony/(databases|shared_prefs)
|
||||||
|
# symlinks. Without the manual restorecon, we would have to allow rild
|
||||||
|
# to read any system_data_file:lnk_file.
|
||||||
|
selinux_check_context(init)
|
||||||
|
|
||||||
allow init {
|
allow init {
|
||||||
sysfs_iio
|
sysfs_iio
|
||||||
sysfs_sec_tsp
|
sysfs_sec_tsp
|
||||||
@ -9,11 +15,15 @@ allow init sysfs_input:file rw_file_perms;
|
|||||||
allow init sysfs_graphics:file r_file_perms;
|
allow init sysfs_graphics:file r_file_perms;
|
||||||
|
|
||||||
allow init {
|
allow init {
|
||||||
|
sysfs_audio
|
||||||
sysfs_batteryinfo
|
sysfs_batteryinfo
|
||||||
sysfs_bluetooth_writable
|
sysfs_bluetooth_writable
|
||||||
|
sysfs_camera
|
||||||
sysfs_graphics
|
sysfs_graphics
|
||||||
|
sysfs_hal_pwr
|
||||||
sysfs_iio
|
sysfs_iio
|
||||||
sysfs_input
|
sysfs_input
|
||||||
|
sysfs_kgsl
|
||||||
sysfs_leds
|
sysfs_leds
|
||||||
sysfs_mdnie
|
sysfs_mdnie
|
||||||
sysfs_msmuart_file
|
sysfs_msmuart_file
|
||||||
@ -31,10 +41,16 @@ allow init {
|
|||||||
sysfs_socinfo
|
sysfs_socinfo
|
||||||
sysfs_usb_otg
|
sysfs_usb_otg
|
||||||
sysfs_usb_storage_gadget
|
sysfs_usb_storage_gadget
|
||||||
|
sysfs_wifi_writeable
|
||||||
}:file setattr;
|
}:file setattr;
|
||||||
|
|
||||||
allow init {
|
allow init {
|
||||||
|
sysfs_cpu_boost
|
||||||
|
sysfs_devices_system_cpu
|
||||||
|
sysfs_lowmemorykiller
|
||||||
sysfs_mmc_host
|
sysfs_mmc_host
|
||||||
sysfs_msm_perf
|
sysfs_msm_perf
|
||||||
|
sysfs_msm_power
|
||||||
sysfs_sec_key
|
sysfs_sec_key
|
||||||
|
sysfs_thermal
|
||||||
}:file w_file_perms;
|
}:file w_file_perms;
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user