lineage/android_device_samsung_msm8974-common
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

msm8974-common: sepolicy: allow tee system_data_root_file:dir r_dir_perms;

Browse Source 
aosp/1106014 introduces a new class system_data_root_file and
tee needs access to that as well as system_data_file.

09-09 20:26:53.639   645   645 I auditd  : type=1400 audit(0.0:9): avc: denied { read } for comm="qseecomd" name="/" dev="dm-2" ino=2 scontext=u:r:tee:s0 tcontext=u:object_r:system_data_root_file:s0 tclass=dir permissive=1
09-09 20:26:53.639   645   645 I qseecomd: type=1400 audit(0.0:9): avc: denied { read } for name="/" dev="dm-2" ino=2 scontext=u:r:tee:s0 tcontext=u:object_r:system_data_root_file:s0 tclass=dir permissive=1
09-09 20:26:53.639   645   645 I auditd  : type=1400 audit(0.0:10): avc: denied { open } for comm="qseecomd" path="/data" dev="dm-2" ino=2 scontext=u:r:tee:s0 tcontext=u:object_r:system_data_root_file:s0 tclass=dir permissive=1
09-09 20:26:53.639   645   645 I qseecomd: type=1400 audit(0.0:10): avc: denied { open } for path="/data" dev="dm-2" ino=2 scontext=u:r:tee:s0 tcontext=u:object_r:system_data_root_file:s0 tclass=dir permissive=1

Bug: 140402208
Test: Flash Taimen device, enroll fingerprint, check log for denials
Change-Id: Ie976d7bbe4aeba875b96b6b82a94734b71ba1cb9
This commit is contained in:
Paul Crowley 2019-09-09 13:45:38 -07:00 committed by Kevin F. Haggerty
parent e28494bb9f
commit bd627e8b90
No known key found for this signature in database
GPG Key ID: 6D95512933112729
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
sepolicy/common/tee.te Normal file
View File

@ -0,0 +1 @@
allow tee system_data_root_file:dir r_dir_perms;