[ALPS04036690] add selinxu rules

[Detail] 1. relable /proc/chip/info and replace /proc/chip/hw_ver lable 2. add "allow aee_aed sysfs_leds:dir search" for red screen MTK-Commit-Id: 9a2bac1e41aad51276011d48a65fc58fa16d2fc9 Change-Id: Ifdfb536a9fb763301960b4e771e50c0c49636e7e CR-Id: ALPS04036690 Feature: Android Exception Engine(AEE)
2020-01-18 10:06:25 +08:00 · 2020-01-18 10:06:25 +08:00 · c54cc72936
commit c54cc72936
parent 5967cb46f7
5 changed files with 6 additions and 4 deletions
--- a/non_plat/aee_aed.te
+++ b/non_plat/aee_aed.te
@ -55,6 +55,7 @@ allow aee_aed proc_cpu_alignment:file { write open };
 allow aee_aed sysfs_vibrator_setting:dir search;
 allow aee_aed sysfs_vibrator_setting:file w_file_perms;
 allow aee_aed sysfs_vibrator:dir search;
 allow aee_aed sysfs_leds:dir search;
 # Purpose: Allow aee_aed to read /proc/kpageflags
 allow aee_aed proc_kpageflags:file r_file_perms;
--- a/non_plat/aee_aedv.te
+++ b/non_plat/aee_aedv.te
@ -356,7 +356,7 @@ allow aee_aedv proc_cpu_alignment:file w_file_perms;
 allow aee_aedv proc_gpulog:file r_file_perms;
 # Purpose: Allow aee_aedv to read /proc/chip/hw_ver
-allow aee_aedv proc_hw_ver:file r_file_perms;
+allow aee_aedv proc_chip:file r_file_perms;
 # Purpose: Allow aee_aedv to read /proc/sched_debug
 allow aee_aedv proc_sched_debug:file r_file_perms;
--- a/non_plat/dumpstate.te
+++ b/non_plat/dumpstate.te
@ -103,7 +103,7 @@ allow dumpstate proc_gpulog:file r_file_perms;
 allow dumpstate proc_sched_debug:file r_file_perms;
 # Purpose: Allow aee_dumpstate to read /proc/chip/hw_ver
-allow dumpstate proc_hw_ver:file r_file_perms;
+allow dumpstate proc_chip:file r_file_perms;
 # Purpose: Allow aee_dumpstate to write /sys/devices/virtual/timed_output/vibrator/enable
 allow dumpstate sysfs_vibrator_setting:file write;
--- a/non_plat/file.te
+++ b/non_plat/file.te
@ -59,7 +59,7 @@ type proc_zraminfo, fs_type, proc_type;
 type proc_cpu_alignment, fs_type, proc_type;
 type proc_gpulog, fs_type, proc_type;
 type proc_sched_debug, fs_type, proc_type;
-type proc_hw_ver, fs_type, proc_type;
+type proc_chip, fs_type, proc_type;
 type proc_atf_log, fs_type, proc_type;
 type proc_gz_log, fs_type, proc_type;
 type proc_last_kmsg, fs_type, proc_type;
--- a/non_plat/genfs_contexts
+++ b/non_plat/genfs_contexts
@ -24,7 +24,8 @@ genfscon proc /zraminfo u:object_r:proc_zraminfo:s0
 genfscon proc /gpulog u:object_r:proc_gpulog:s0
 genfscon proc /cpu/alignment u:object_r:proc_cpu_alignment:s0
 genfscon proc /sched_debug u:object_r:proc_sched_debug:s0
-genfscon proc /chip/hw_ver u:object_r:proc_hw_ver:s0
+genfscon proc /chip/hw_ver u:object_r:proc_chip:s0
 genfscon proc /chip/info u:object_r:proc_chip:s0
 genfscon proc /atf_log u:object_r:proc_atf_log:s0
 genfscon proc /gz_log u:object_r:proc_gz_log:s0
 genfscon proc /last_kmsg u:object_r:proc_last_kmsg:s0