9ef4675f68
[ 12.536452] .(1)[399:logd.auditd]type=1400 audit(1262323310.848:231): avc: denied { search } for comm="audio@5.0-servi" name="clients" dev="debugfs" ino=3111 scontext=u:r:mtk_hal_audio:s0 tcontext=u:object_r:debugfs_ion:s0 tclass=dir permissive=1
[ 59.661176] .(0)[399:logd.auditd]type=1400 audit(1609417550.280:331): avc: denied { search } for comm="RenderThread" name="clients" dev="debugfs" ino=3111 scontext=u:r:system_app:s0 tcontext=u:object_r:debugfs_ion:s0 tclass=dir permissive=1
[ 50.275600] .(4)[399:logd.auditd]type=1400 audit(1609417547.748:325): avc: denied { search } for comm="RenderThread" name="clients" dev="debugfs" ino=3111 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:debugfs_ion:s0 tclass=dir permissive=1 app=com.android.launcher3
Signed-off-by: Aayush Gupta <aayushgupta219@gmail.com>
Change-Id: Ib8c7e944e95851d5ceef42bb3ea88c77c3cc7e0b
SELinux policy for MediaTek devices
Don't recurse into the platform makefiles. We don't care about them, and we
don't want to force a reset of BOARD_SEPOLICY_DIRS.
If you want to use these policies, add a
include device/mediatek/sepolicy/sepolicy.mk
to your device's BoardConfig. It is highly recommended that in case you have
your own BOARD_SEPOLICY_DIRS declaration, the inclusion happens before
those lines
Repository Details
This repository uses device/mediatek/wembley-sepolicy as base till 4769fb0d973bf079934054c6c5423ca06d67010a.
After that Google's device-specific changes starts.
Till 4769fb0d973bf079934054c6c5423ca06d67010a, this repository is similar to
the basic sepolicy repository provided by MediaTek to the OEMs.