NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[ALPS04501667] SELINUX: Kernel API dump of GED access

Browse Source 
Add sepolicy to resolve the kernel api dump.

MTK-Commit-Id: 471082eb801521fcba7cb9a2dc9105e9832047b7

Change-Id: Ica2001bcb4c998f2cdb2cba26f5351ea72c65153
Signed-off-by: Figo Wang <figo.wang@mediatek.com>
CR-Id: ALPS04501667
Feature: Power Management
This commit is contained in:
Figo Wang 2020-01-18 10:13:09 +08:00
parent 50ed5a3026
commit 15fe055c40
2 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
non_plat/hal_graphics_allocator.te
View File

@ -3,5 +3,3 @@
# Purpose : Add policy for gralloc HIDL # Purpose : Add policy for gralloc HIDL
allow hal_graphics_allocator proc_ged:file { read ioctl open }; allow hal_graphics_allocator proc_ged:file { read ioctl open };
allowxperm hal_graphics_allocator_default proc_ged:file ioctl { GED_BRIDGE_IO_GE_ALLOC GED_BRIDGE_IO_GE_GET };

11
non_plat/hal_graphics_allocator_default.te
View File

@ -15,4 +15,13 @@ allow hal_graphics_allocator_default debugfs_ion:dir search;
allow hal_graphics_allocator_default debugfs_tracing:file write; allow hal_graphics_allocator_default debugfs_tracing:file write;
#============= hal_graphics_allocator_default ============== #============= hal_graphics_allocator_default ==============
allow hal_graphics_allocator_default debugfs_tracing:file open; allow hal_graphics_allocator_default debugfs_tracing:file open;
#============= hal_graphics_allocator_default ==============
allow hal_graphics_allocator_default proc_ged:file r_file_perms;
allowxperm hal_graphics_allocator_default proc_ged:file ioctl {
GED_BRIDGE_IO_GE_ALLOC
GED_BRIDGE_IO_GE_GET
GED_BRIDGE_IO_GE_SET
};