donjohanliebert/device_xiaomi_sm6150-common
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
479a60f41c
device_xiaomi_sm6150-common/sepolicy/vendor
History
Mimi Wu 479a60f41c sm6150-common: sepolicy: Modify sepolicy for toolbox to rm -rf /data/per_boot 
type=1400 audit(1581489923.612:571): avc: denied { getattr } for comm="rm" path="/data/per_boot" dev="dm-9" ino=4577 scontext=u:r:toolbox:s0 tcontext=u:object_r:per_boot_file:s0 tclass=dir permissive=1
type=1400 audit(1581489923.612:572): avc: denied { read } for comm="rm" name="per_boot" dev="dm-9" ino=4577 scontext=u:r:toolbox:s0 tcontext=u:object_r:per_boot_file:s0 tclass=dir permissive=1
type=1400 audit(1581489923.612:573): avc: denied { open } for comm="rm" path="/data/per_boot" dev="dm-9" ino=4577 scontext=u:r:toolbox:s0 tcontext=u:object_r:per_boot_file:s0 tclass=dir permissive=1
type=1400 audit(1581489923.616:574): avc: denied { getattr } for comm="rm" path="/data/per_boot/ft09,GYyRLUL4NXv4BjupD" dev="dm-9" ino=4578 scontext=u:r:toolbox:s0 tcontext=u:object_r:per_boot_file:s0 tclass=file permissive=1
type=1400 audit(1581489923.616:575): avc: denied { write } for comm="rm" name="per_boot" dev="dm-9" ino=4577 scontext=u:r:toolbox:s0 tcontext=u:object_r:per_boot_file:s0 tclass=dir permissive=1
type=1400 audit(1581489923.616:576): avc: denied { remove_name } for comm="rm" name="ft09,GYyRLUL4NXv4BjupD" dev="dm-9" ino=4578 scontext=u:r:toolbox:s0 tcontext=u:object_r:per_boot_file:s0 tclass=dir permissive=1
type=1400 audit(1581489923.619:577): avc: denied { unlink } for comm="rm" name="ft09,GYyRLUL4NXv4BjupD" dev="dm-9" ino=4578 scontext=u:r:toolbox:s0 tcontext=u:object_r:per_boot_file:s0 tclass=file permissive=1
type=1400 audit(1581489923.656:578): avc: denied { rmdir } for comm="rm" name="per_boot" dev="dm-9" ino=4577 scontext=u:r:toolbox:s0 tcontext=u:object_r:per_boot_file:s0 tclass=dir permissive=1

Bug: 147469156
Test: flash full build and find avc errors gone
Change-Id: I22706c63fb13ea2aae0cd9fe8b92edc578fd459e
Signed-off-by: Mimi Wu <mimiwu@google.com>
2021-12-29 09:59:01 +00:00
..
adsprpcd.te davinci: sepolicy: Add vendor prefix to avoid naming colision 2020-12-30 02:02:56 +01:00
file_contexts sm6150-common: sepolicy: Add sepolicy for kernel to access /data/per_boot/zram_swap 2021-12-29 09:58:35 +00:00
file.te sm6150-common: sepolicy: Add sepolicy for kernel to access /data/per_boot/zram_swap 2021-12-29 09:58:35 +00:00
genfs_contexts sm6150-common: sepolicy: Label fastrpc adsprpc wakeup nodes 2021-07-14 20:59:14 +02:00
hal_audio_default.te davinci: sepolicy: Add vendor prefix to avoid naming colision 2020-12-30 02:02:56 +01:00
hal_bluetooth_default.te davinci: sepolicy: Allow bluetooth HAL to read the mac address 2020-10-10 21:43:31 +02:00
hal_camera_default.te davinci: sepolicy: Add vendor prefix to avoid naming colision 2020-12-30 02:02:56 +01:00
hal_fingerprint_default.te davinci: sepolicy: Add vendor prefix to avoid naming colision 2020-12-30 02:02:56 +01:00
hal_lineage_livedisplay_qti.te sm6150-common: livedisplay: Add anti flicker support 2021-06-18 18:32:31 +02:00
hal_nfc_default.te davinci: sepolicy: Add vendor prefix to avoid naming colision 2020-12-30 02:02:56 +01:00
hal_power_default.te sm6150-common: sepolicy: Allow power HAL to read idle_state node 2021-07-14 21:05:07 +02:00
hal_sensors_default.te davinci: sepolicy: Allow sensors HAL to set persist sensors properties 2020-10-10 21:43:31 +02:00
hwservice_contexts sm6150-common: Transform davinci into common tree 2021-04-25 15:18:14 +02:00
init.te davinci: sepolicy: Silence harmless QCOM denials 2020-10-10 21:43:31 +02:00
kernel.te sm6150-common: sepolicy: Add sepolicy for kernel to access /data/per_boot/zram_swap 2021-12-29 09:58:35 +00:00
mi_thermald.te davinci: sepolicy: Update mi_thermald property label 2021-04-25 14:49:59 +02:00
priv_app.te davinci: sepolicy: Silence harmless QCOM denials 2020-10-10 21:43:31 +02:00
property_contexts sm6150-common: sepolicy: Address power HAL denials 2021-06-21 23:43:39 +02:00
radio.te davinci: sepolicy: Allow radio to read vendor audio prop 2020-10-10 21:43:31 +02:00
remosaic_daemon.te davinci: sepolicy: Use add_service macro for remosaic_daemon 2020-11-28 18:12:02 +01:00
sensors.te davinci: sepolicy: Add vendor prefix to avoid naming colision 2020-12-30 02:02:56 +01:00
system_app.te sm6150-common: parts: Implement doze modes and auto brightness 2021-07-03 21:23:14 +02:00
tee.te davinci: sepolicy: Add fingerprint rules 2020-10-10 21:43:31 +02:00
toolbox.te sm6150-common: sepolicy: Modify sepolicy for toolbox to rm -rf /data/per_boot 2021-12-29 09:59:01 +00:00
touchfeature.te sm6150-common: Set permissions on /dev/xiaomi-touch 2021-07-13 22:13:56 +02:00
uncrypt.te davinci: sepolicy: Fix OTA auto-flashing with encrypted f2fs. 2020-10-10 21:43:31 +02:00
vendor_init.te sm6150-common: Transform davinci into common tree 2021-04-25 15:18:14 +02:00
vendor_qti_init_shell.te sm6150-common: rootdir: Enable PowerHAL hint processing 2021-06-21 23:43:39 +02:00
vndservice_contexts davinci: sepolicy: Add camera rules 2020-10-10 21:43:31 +02:00
wcnss_service.te davinci: sepolicy: Add vendor prefix to avoid naming colision 2020-12-30 02:02:56 +01:00