NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[ALPS04719663] add sepolicy rules

Browse Source 
1.dump file: add adsp sepolicy rule for dumping log
2.allow vendor process ro read tracing_on file

MTK-Commit-Id: 954cb9410ded3baa31927881abbff963b5bba56d

Change-Id: Iab86bf588585b7d1b34d1c1fbc6fb5acce833267
CR-Id: ALPS04719663
Feature: Android Exception Engine(AEE)
(cherry picked from commit b0f133c03c3bf22d4794c16f1a2d98d95ad1b70d)
This commit is contained in:
Huaiming Li 2020-01-18 10:18:41 +08:00 committed by Larry Liang
parent 175622c880
commit 8ed6a9057c
2 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
non_plat/aee_aedv.te
View File

@ -165,7 +165,7 @@ allow aee_aedv proc_interrupts:file read;
# avc: denied { open } for path="/sys/kernel/debug/tracing/tracing_on" dev= # avc: denied { open } for path="/sys/kernel/debug/tracing/tracing_on" dev=
# "debugfs" ino=2087 scontext=u:r:dumpstate:s0 tcontext=u:object_r: # "debugfs" ino=2087 scontext=u:r:dumpstate:s0 tcontext=u:object_r:
# tracing_shell_writable:s0 tclass=file permissive=1 # tracing_shell_writable:s0 tclass=file permissive=1
allow aee_aedv debugfs_tracing:file { write read open }; allow aee_aedv debugfs_tracing:file rw_file_perms;
# Purpose: # Purpose:
# 01-01 00:05:16.730 3566 3566 W dmesg : type=1400 audit(0.0:5173): avc: # 01-01 00:05:16.730 3566 3566 W dmesg : type=1400 audit(0.0:5173): avc:

3
non_plat/dumpstate.te
View File

@ -168,3 +168,6 @@ allow dumpstate proc_last_kmsg:file r_file_perms;
# Date: 19/07/15 # Date: 19/07/15
# Purpose: Allow dumpstate to read /sys/kernel/debug/kmemleak # Purpose: Allow dumpstate to read /sys/kernel/debug/kmemleak
allow dumpstate debugfs_kmemleak:file r_file_perms; allow dumpstate debugfs_kmemleak:file r_file_perms;
#Purpose: Allow dumpstate to read /sys/class/misc/adsp/adsp_last_log
allow dumpstate sysfs_adsp:file r_file_perms;