diff options
| author | Cosme Domínguez Díaz <cosme.ddiaz@gmail.com> | 2018-07-28 22:47:45 +0200 |
|---|---|---|
| committer | Cosme Domínguez Díaz <cosme.ddiaz@gmail.com> | 2018-07-28 22:48:06 +0200 |
| commit | e50fb33e9036346415850c50198d2b2a1dcbe7ac (patch) | |
| tree | cad7933ab849efd0b714bab963e08d6259026395 | |
| parent | 9ec4789f177d4e9b531002fa6768b361509160ed (diff) | |
msm8996-common: Fix chager SELinux denials:
avc: denied { dac_override } for pid=442 comm="chargeonlymode" capability=1 scontext=u:r:charger:s0 tcontext=u:r:charger:s0 tclass=capability permissive=1
avc: denied { read } for pid=442 comm="chargeonlymode" name="rtc0" dev="tmpfs" ino=2231 scontext=u:r:charger:s0 tcontext=u:object_r:rtc_device:s0 tclass=chr_file permissive=1
avc: denied { open } for pid=442 comm="chargeonlymode" path="/dev/rtc0" dev="tmpfs" ino=2231 scontext=u:r:charger:s0 tcontext=u:object_r:rtc_device:s0 tclass=chr_file permissive=1
avc: denied { ioctl } for pid=442 comm="chargeonlymode" path="/dev/rtc0" dev="tmpfs" ino=2231 ioctlcmd=7008 scontext=u:r:charger:s0 tcontext=u:object_r:rtc_device:s0 tclass=chr_file permissive=1
avc: denied { write } for pid=442 comm="chargeonlymode" name="persist" dev="rootfs" ino=14980 scontext=u:r:charger:s0 tcontext=u:object_r:persist_file:s0 tclass=dir permissive=1
avc: denied { add_name } for pid=442 comm="chargeonlymode" name="subsys" scontext=u:r:charger:s0 tcontext=u:object_r:persist_file:s0 tclass=dir permissive=1
avc: denied { create } for pid=442 comm="chargeonlymode" name="subsys" scontext=u:r:charger:s0 tcontext=u:object_r:persist_file:s0 tclass=dir permissive=1
avc: denied { create } for pid=442 comm="chargeonlymode" name="batt_info.bin" scontext=u:r:charger:s0 tcontext=u:object_r:persist_file:s0 tclass=file permissive=1
avc: denied { read append } for pid=442 comm="chargeonlymode" name="batt_info.bin" dev="rootfs" ino=2334 scontext=u:r:charger:s0 tcontext=u:object_r:persist_file:s0 tclass=file permissive=1
avc: denied { getattr } for pid=442 comm="chargeonlymode" path="/persist/subsys/batt_info.bin" dev="rootfs" ino=2334 scontext=u:r:charger:s0 tcontext=u:object_r:persist_file:s0 tclass=file permissive=1
| -rw-r--r-- | sepolicy/charger.te | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/sepolicy/charger.te b/sepolicy/charger.te index 4881c2d..b3848df 100644 --- a/sepolicy/charger.te +++ b/sepolicy/charger.te @@ -1,2 +1,4 @@ -allow charger device:dir r_dir_perms; -allow charger self:capability { dac_override dac_read_search }; +allow charger persist_file:dir create_dir_perms; +allow charger persist_file:file create_file_perms; +allow charger rtc_device:chr_file r_file_perms; +allow charger self:capability dac_override; |