google-gs201/android_device_google_lynx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

device-sepolicy: Add sepolicy for vibrator hal

Browse Source 
Added sepolicy for vibrator hal specific to device

uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { read } for property=vibrator.adaptive_haptics.enabled pid=0 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:adaptive_haptics_prop:s0 tclass=file permissive=1'
avc: denied { open } for comm="odrefresh" path="/dev/__properties__/u:object_r:adaptive_haptics_prop:s0" dev="tmpfs" ino=80 scontext=u:r:odrefresh:s0 tcontext=u:object_r:adaptive_haptics_prop:s0 tclass=file permissive=1
avc: denied { getattr } for comm="odrefresh" path="/dev/__properties__/u:object_r:adaptive_haptics_prop:s0" dev="tmpfs" ino=80 scontext=u:r:odrefresh:s0 tcontext=u:object_r:adaptive_haptics_prop:s0 tclass=file permissive=1
avc: denied { map } for comm="odrefresh" path="/dev/__properties__/u:object_r:adaptive_haptics_prop:s0" dev="tmpfs" ino=80 scontext=u:r:odrefresh:s0 tcontext=u:object_r:adaptive_haptics_prop:s0 tclass=file permissive=1
avc: denied { write } for comm="android.hardwar" name="chre" dev="tmpfs" ino=1094 scontext=u:r:hal_vibrator_default:s0 tcontext=u:object_r:chre_socket:s0 tclass=sock_file permissive=1
avc: denied { connectto } for comm="android.hardwar" path="/dev/socket/chre" scontext=u:r:hal_vibrator_default:s0 tcontext=u:r:chre:s0 tclass=unix_stream_socket permissive=1
avc: denied { open } for comm="binder:8084_3" path="/dev/__properties__/u:object_r:adaptive_haptics_prop:s0" dev="tmpfs" ino=80 scontext=u:r:gmscore_app:s0:c512,c768 tcontext=u:object_r:adaptive_haptics_prop:s0 tclass=file permissive=1 app=com.google.android.gms
avc: denied { getattr } for comm="binder:8084_3" path="/dev/__properties__/u:object_r:adaptive_haptics_prop:s0" dev="tmpfs" ino=80 scontext=u:r:gmscore_app:s0:c512,c768 tcontext=u:object_r:adaptive_haptics_prop:s0 tclass=file permissive=1 app=com.google.android.gms

Bug: 198239103
Test: Verified functionality
Signed-off-by: Chris Paulo <chrispaulo@google.com>
Change-Id: Ib118b553eab1db6f9fadaebeae0d57eb329294e3
This commit is contained in:
Chris Paulo
2022-09-16 23:54:10 +00:00
parent cf6ebcdd6f
commit b5eec482fd
4 changed files with 12 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
vendor/file_contexts vendored
View File

@@ -15,3 +15,6 @@
/dev/socket/wifihal(/.*)? u:object_r:vendor_wifihal_socket:s0 /dev/socket/wifihal(/.*)? u:object_r:vendor_wifihal_socket:s0
/vendor/bin/loc_launcher u:object_r:vendor_location_exec:s0 /vendor/bin/loc_launcher u:object_r:vendor_location_exec:s0
/vendor/bin/lowi-server u:object_r:lowi_server_exec:s0 /vendor/bin/lowi-server u:object_r:lowi_server_exec:s0
# Haptics
/vendor/bin/hw/android\.hardware\.vibrator-service\.cs40l26-private-lynx u:object_r:hal_vibrator_default_exec:s0

3
vendor/hal_vibrator_default.te vendored Normal file
View File

@@ -0,0 +1,3 @@
# Allow Vibrator HAL to communicate with daemon via socket
allow hal_vibrator_default chre:unix_stream_socket connectto;
allow hal_vibrator_default chre_socket:sock_file write;

2
vendor/property_contexts vendored Normal file
View File

@@ -0,0 +1,2 @@
# Haptics
persist.vendor.vibrator.hal. u:object_r:vendor_vibrator_prop:s0

4
vendor/vendor_init.te vendored
View File

@@ -1 +1,5 @@
# Camera
set_prop(vendor_init, vendor_camera_prop) set_prop(vendor_init, vendor_camera_prop)
# Haptics
get_prop(vendor_init, adaptive_haptics_prop)