android_device_mediatek_sepolicy

NekoSakura/android_device_mediatek_sepolicy

Fork 0

Commit Graph

Author	SHA1	Message	Date
Aayush Gupta	a15f249346	non_plat: Label /dev/teei_fp and allow required perms to hal_fingerprint_default /dev/teei_fp is used by fingerprint to communicate with Microtrust TEE drivers to store fingerprint data on the device. Label it and allow relevant source required permissions. Denial observed without this change: [ 17.672144] .(4)[397:logd.auditd]type=1400 audit(1608975801.860:326): avc: denied { ioctl } for comm="fingerprint@2.1" path="/dev/teei_fp" dev="tmpfs" ino=15742 ioctlcmd=0x5402 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1 Test: Boot and notice denials have disappeared Signed-off-by: Aayush Gupta <aayushgupta219@gmail.com> Change-Id: I8a7445400be241e81f8bf21347967b85381ed3ec	2020-12-30 16:14:31 +05:30

Author

SHA1

Message

Date

Aayush Gupta

a15f249346

non_plat: Label /dev/teei_fp and allow required perms to hal_fingerprint_default

/dev/teei_fp is used by fingerprint to communicate with Microtrust TEE drivers to
store fingerprint data on the device. Label it and allow relevant source required
permissions.

Denial observed without this change:
[   17.672144] .(4)[397:logd.auditd]type=1400 audit(1608975801.860:326): avc: denied { ioctl } for comm="fingerprint@2.1" path="/dev/teei_fp" dev="tmpfs" ino=15742 ioctlcmd=0x5402 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1

Test: Boot and notice denials have disappeared

Signed-off-by: Aayush Gupta <aayushgupta219@gmail.com>
Change-Id: I8a7445400be241e81f8bf21347967b85381ed3ec

2020-12-30 16:14:31 +05:30

1 Commits