Sepolicy: Fix avc denial seen during boot up.
avc: denied { search } for name="location" dev="dm-8" ino=514
scontext=u:r:tlocd:s0 tcontext=u:object_r:location_data_file:s0
tclass=dir permissive=0
avc: denied { write } for name="kmsg" dev="tmpfs" ino=1559
scontext=u:r:wcnss_service:s0 tcontext=u:object_r:kmsg_device:s0
tclass=chr_file permissive=0
- Added these policies as part of reduce avc deniels in boot up
Change-Id: I68868f5c3084bd10d8e74dd0623160a849dab5b9
This commit is contained in:
Himanshu Agrawal
parent
064c4b07f1
commit
a3b4f4e984
2 changed files with 3 additions and 0 deletions
2
legacy/vendor/common/tlocd.te
vendored
2
legacy/vendor/common/tlocd.te
vendored
|
|
@ -48,3 +48,5 @@ allow tlocd self:{ socket qipcrtr_socket } create_socket_perms;
|
|||
allowxperm tlocd self:{ socket qipcrtr_socket } ioctl msm_sock_ipc_ioctls;
|
||||
|
||||
allow tlocd ion_device:chr_file rw_file_perms;
|
||||
|
||||
allow tlocd location_data_file:dir search;
|
||||
|
|
|
|||
1
legacy/vendor/common/wcnss_service.te
vendored
1
legacy/vendor/common/wcnss_service.te
vendored
|
|
@ -75,6 +75,7 @@ allow wcnss_service vfat:file create_file_perms;
|
|||
allow wcnss_service sdcardfs:dir create_dir_perms;
|
||||
allow wcnss_service sdcardfs:file create_file_perms;
|
||||
allow wcnss_service mnt_vendor_file:file rw_file_perms;
|
||||
allow wcnss_service kmsg_device:chr_file { write open };
|
||||
|
||||
# This is needed for ptt_socket app to write logs file collected to sdcard
|
||||
r_dir_file(wcnss_service, proc_wifi_dbg)
|
||||
|
|
|
|||
Loading…
Reference in a new issue