From 8ed6a9057cb0c2a8215198dcc0bceda7d59a2cf9 Mon Sep 17 00:00:00 2001 From: Huaiming Li Date: Sat, 18 Jan 2020 10:18:41 +0800 Subject: [PATCH] [ALPS04719663] add sepolicy rules 1.dump file: add adsp sepolicy rule for dumping log 2.allow vendor process ro read tracing_on file MTK-Commit-Id: 954cb9410ded3baa31927881abbff963b5bba56d Change-Id: Iab86bf588585b7d1b34d1c1fbc6fb5acce833267 CR-Id: ALPS04719663 Feature: Android Exception Engine(AEE) (cherry picked from commit b0f133c03c3bf22d4794c16f1a2d98d95ad1b70d) --- non_plat/aee_aedv.te | 2 +- non_plat/dumpstate.te | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/non_plat/aee_aedv.te b/non_plat/aee_aedv.te index f2b24b6..5998134 100644 --- a/non_plat/aee_aedv.te +++ b/non_plat/aee_aedv.te @@ -165,7 +165,7 @@ allow aee_aedv proc_interrupts:file read; # avc: denied { open } for path="/sys/kernel/debug/tracing/tracing_on" dev= # "debugfs" ino=2087 scontext=u:r:dumpstate:s0 tcontext=u:object_r: # tracing_shell_writable:s0 tclass=file permissive=1 -allow aee_aedv debugfs_tracing:file { write read open }; +allow aee_aedv debugfs_tracing:file rw_file_perms; # Purpose: # 01-01 00:05:16.730 3566 3566 W dmesg : type=1400 audit(0.0:5173): avc: diff --git a/non_plat/dumpstate.te b/non_plat/dumpstate.te index 9ba9dca..a4941b6 100644 --- a/non_plat/dumpstate.te +++ b/non_plat/dumpstate.te @@ -168,3 +168,6 @@ allow dumpstate proc_last_kmsg:file r_file_perms; # Date: 19/07/15 # Purpose: Allow dumpstate to read /sys/kernel/debug/kmemleak allow dumpstate debugfs_kmemleak:file r_file_perms; + +#Purpose: Allow dumpstate to read /sys/class/misc/adsp/adsp_last_log +allow dumpstate sysfs_adsp:file r_file_perms;