diff options
| author | DerfElot <frederic.koch@gmail.com> | 2017-04-02 20:19:27 +0200 |
|---|---|---|
| committer | DerfElot <frederic.koch@gmail.com> | 2017-04-05 02:15:18 +0200 |
| commit | 7da4b4ffcdc81be6029507bc5094fccebbc30141 (patch) | |
| tree | 9a0bcf3cdeae41cb26af1b616e2fb7ca92adbf64 /sepolicy/file_contexts | |
| parent | 095fa56bfc35ad63ea06c086f58f7c3ff0a8eb6d (diff) | |
shinano-common: fix several selinux denials
when it is set to enforced (from logcat and dmesg):
04-01 22:29:40.566 W/macaddrsetup(362): type=1400 audit(0.0:302): avc: denied { dac_override } for capability=1 scontext=u:r:addrsetup:s0 tcontext=u:r:addrsetup:s0 tclass=capability permissive=0
04-01 22:31:46.119 W/credmgrd(333): type=1400 audit(0.0:380): avc: denied { search } for name="suntory" dev="tmpfs" ino=6960 scontext=u:r:credmgrd:s0 tcontext=u:object_r:suntrold_sock_socket:s0 tclass=dir permissive=0
04-01 22:31:46.123 W/credmgrd(333): type=1400 audit(0.0:381): avc: denied { search } for name="/" dev="tmpfs" ino=7367 scontext=u:r:credmgrd:s0 tcontext=u:object_r:tmpfs:s0 tclass=dir permissive=0
04-01 22:31:41.186 W/iddd (12977): type=1400 audit(0.0:378): avc: denied { search } for name="/" dev="tmpfs" ino=7367 scontext=u:r:iddd:s0 tcontext=u:object_r:tmpfs:s0 tclass=dir permissive=0
04-01 22:31:46.249 W/scd (13064): type=1400 audit(0.0:382): avc: denied { getattr } for path="/dev/socket/scd/scd.sock" dev="tmpfs" ino=9384 scontext=u:r:scd:s0 tcontext=u:object_r:socket_device:s0 tclass=sock_file permissive=0
04-02 01:54:06.328 W/scd (7200): type=1400 audit(0.0:47): avc: denied { remove_name } for name="scd.sock" dev="tmpfs" ino=8437 scontext=u:r:scd:s0 tcontext=u:object_r:socket_device:s0 tclass=dir permissive=0
04-02 02:36:47.050 W/scd (6544): type=1400 audit(0.0:53): avc: denied { unlink } for name="scd.sock" dev="tmpfs" ino=8369 scontext=u:r:scd:s0 tcontext=u:object_r:socket_device:s0 tclass=sock_file permissive=0
04-02 03:09:36.677 W/scd (7902): type=1400 audit(0.0:72): avc: denied { search } for name="scd" dev="mmcblk0p25" ino=382769 scontext=u:r:scd:s0 tcontext=u:object_r:scd_data:s0 tclass=dir permissive=0
04-02 03:42:10.207 W/excal:HalCtrl(6497): type=1400 audit(0.0:16): avc: denied { write } for name="current1" dev="sysfs" ino=19887 scontext=u:r:mediaserver:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
[ 29.029135] type=1400 audit(7343886.976:11): avc: denied { search } for pid=365 comm="mm-qcamera-daem" name="etc" dev="mmcblk0p25" ino=716673 scontext=u:r:mm-qcamerad:s0 tcontext=u:object_r:ta_data_file:s0 tclass=dir permissive=0
[ 27.905847] type=1400 audit(7343885.850:6): avc: denied { search } for pid=254 comm="wvkbd" name="suntory" dev="tmpfs" ino=7537 scontext=u:r:wv:s0 tcontext=u:object_r:suntrold_sock_socket:s0 tclass=dir permissive=0
04-02 13:20:48.566 W/excal:ExposureC(7212): type=1400 audit(0.0:18): avc: denied { search } for name="battery" dev="sysfs" ino=18957 scontext=u:r:mediaserver:s0 tcontext=u:object_r:sysfs_battery_supply:s0 tclass=dir permissive=0
04-02 14:03:30.945 W/excal:ExposureC(6244): type=1400 audit(0.0:14): avc: denied { read } for name="voltage_now" dev="sysfs" ino=18973 scontext=u:r:mediaserver:s0 tcontext=u:object_r:sysfs_battery_supply:s0 tclass=file permissive=0
04-02 14:35:55.034 W/excal:ExposureC(6197): type=1400 audit(0.0:17): avc: denied { open } for name="voltage_now" dev="sysfs" ino=18870 scontext=u:r:mediaserver:s0 tcontext=u:object_r:sysfs_battery_supply:s0 tclass=file permissive=0
04-02 15:05:29.858 W/excal:ExposureC(5947): type=1400 audit(0.0:15): avc: denied { getattr } for path="/sys/devices/qpnp-charger-14/power_supply/battery/technology" dev="sysfs" ino=18969 scontext=u:r:mediaserver:s0 tcontext=u:object_r:sysfs_battery_supply:s0 tclass=file permissive=0
04-02 17:38:33.610 W/Binder:5021_3(5299): type=1400 audit(0.0:11): avc: denied { read } for name="/" dev="tmpfs" ino=6614 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:device:s0 tclass=dir permissive=0
04-02 18:27:24.996 W/Binder:5251_1(5266): type=1400 audit(0.0:13): avc: denied { open } for name="/" dev="tmpfs" ino=7203 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:device:s0 tclass=dir permissive=0
Change-Id: Ifbc5ef57cadea4d3f35d52dce23c1b56966bd981
Diffstat (limited to 'sepolicy/file_contexts')
| -rw-r--r-- | sepolicy/file_contexts | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index ef24289..9f2d734 100644 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -49,3 +49,12 @@ # macaddrsetup /system/bin/macaddrsetup u:object_r:addrsetup_exec:s0 /sys/devices/platform/bcmdhd_wlan/macaddr u:object_r:sysfs_addrsetup:s0 + +#KGSL +/sys/devices/fdb00000.qcom,kgsl-3d0/kgsl/kgsl-3d0/gpuclk u:object_r:sysfs_thermal:s0 +/sys/devices(/soc\.0)?/fdb00000\.qcom,kgsl-3d0/kgsl/kgsl-3d0/max_gpuclk u:object_r:sysfs_thermal:s0 +/sys/devices(/soc\.0)?/fdb00000\.qcom,kgsl-3d0/kgsl/kgsl-3d0/reset_count u:object_r:sysfs_thermal:s0 + +# ZRAM +/sys/devices/virtual/block/zram0/mm_stat u:object_r:sysfs_zram:s0 + |