From 63cd5c61432834c5cd717a115cabcad29b0603d6 Mon Sep 17 00:00:00 2001 From: Hsiu-Chang Chen Date: Mon, 25 Apr 2022 11:43:29 +0800 Subject: [PATCH] Add sepolicy for pixellogger 04-25 11:36:17.795 4101 4101 I auditd : type=1400 audit(0.0:6339): avc: denied { search } for comm="LoggingService" name="wifi" dev="dm-40" ino=338 scontext=u:r:logger_app:s0:c229,c256,c512,c768 tcontext=u:object_r:vendor_wifi_vendor_data_file:s0 tclass=dir permissive=1 app=com.android.pixellogger 04-25 11:36:17.799 863 863 I auditd : type=1400 audit(0.0:6340): avc: denied { search } for comm="wifi_ext@1.0-se" name="wifi" dev="dm-40" ino=338 scontext=u:r:hal_wifi_ext:s0 tcontext=u:object_r:vendor_wifi_vendor_data_file:s0 tclass=dir permissive=1 Bug: 230280450 Test: Pixelloger can collect WLAN logs Change-Id: Id95e4132f2814deb1fbfb307568a4ece87a28611 --- vendor/hal_wifi_ext.te | 1 + vendor/logger_app.te | 3 +++ 2 files changed, 4 insertions(+) create mode 100644 vendor/logger_app.te diff --git a/vendor/hal_wifi_ext.te b/vendor/hal_wifi_ext.te index a16d595..b26ff32 100644 --- a/vendor/hal_wifi_ext.te +++ b/vendor/hal_wifi_ext.te @@ -1,4 +1,5 @@ allow hal_wifi_ext vendor_wlan_device:chr_file w_file_perms; +allow hal_wifi_ext vendor_wifi_vendor_data_file:dir rw_dir_perms; # write to files owned by location daemon allow hal_wifi_ext vendor_location_socket:dir rw_dir_perms; diff --git a/vendor/logger_app.te b/vendor/logger_app.te new file mode 100644 index 0000000..26c0cc6 --- /dev/null +++ b/vendor/logger_app.te @@ -0,0 +1,3 @@ +userdebug_or_eng(` + allow logger_app vendor_wifi_vendor_data_file:dir rw_dir_perms; +')