diff options
author | android-build-team Robot <android-build-team-robot@google.com> | 2019-07-09 03:08:40 +0000 |
---|---|---|
committer | android-build-team Robot <android-build-team-robot@google.com> | 2019-07-09 03:08:40 +0000 |
commit | b98e97de208e18c4440781ab078163a828207eff (patch) | |
tree | 79ed2a4fb17acd212ab0b69975bc58e3ee7fb76c | |
parent | 732bde830987a268c9f12bd442c2949b32f82c2b (diff) | |
parent | 54a5b0fc6c8be179ec12b7759fdaab9d7e268627 (diff) | |
download | bonito-sepolicy-android10-security-release.tar.gz |
Snap for 5713174 from 54a5b0fc6c8be179ec12b7759fdaab9d7e268627 to qt-releaseandroid-vts-10.0_r9android-vts-10.0_r8android-vts-10.0_r7android-vts-10.0_r6android-vts-10.0_r5android-vts-10.0_r4android-vts-10.0_r3android-vts-10.0_r2android-vts-10.0_r16android-vts-10.0_r15android-vts-10.0_r14android-vts-10.0_r13android-vts-10.0_r12android-vts-10.0_r11android-vts-10.0_r10android-vts-10.0_r1android-security-10.0.0_r75android-security-10.0.0_r74android-security-10.0.0_r73android-security-10.0.0_r72android-security-10.0.0_r71android-security-10.0.0_r70android-security-10.0.0_r69android-security-10.0.0_r68android-security-10.0.0_r67android-security-10.0.0_r66android-security-10.0.0_r65android-security-10.0.0_r64android-security-10.0.0_r63android-security-10.0.0_r62android-security-10.0.0_r61android-security-10.0.0_r60android-security-10.0.0_r59android-security-10.0.0_r58android-security-10.0.0_r57android-security-10.0.0_r56android-security-10.0.0_r55android-security-10.0.0_r54android-security-10.0.0_r53android-security-10.0.0_r52android-security-10.0.0_r51android-security-10.0.0_r50android-security-10.0.0_r49android-security-10.0.0_r48android-cts-10.0_r9android-cts-10.0_r8android-cts-10.0_r7android-cts-10.0_r6android-cts-10.0_r5android-cts-10.0_r4android-cts-10.0_r3android-cts-10.0_r2android-cts-10.0_r16android-cts-10.0_r15android-cts-10.0_r14android-cts-10.0_r13android-cts-10.0_r12android-cts-10.0_r11android-cts-10.0_r10android-cts-10.0_r1android-10.0.0_r6android-10.0.0_r5android-10.0.0_r47android-10.0.0_r46android-10.0.0_r4android-10.0.0_r3android-10.0.0_r2android-10.0.0_r17android-10.0.0_r11android-10.0.0_r10android-10.0.0_r1android10-tests-releaseandroid10-security-releaseandroid10-s3-releaseandroid10-s2-releaseandroid10-s1-releaseandroid10-release
Change-Id: I660601229f3accddab3635e6d436b827e3469fad
-rw-r--r-- | vendor/qcom/common/dumpstate.te | 1 | ||||
-rw-r--r-- | vendor/qcom/common/hal_dumpstate_impl.te | 20 |
2 files changed, 21 insertions, 0 deletions
diff --git a/vendor/qcom/common/dumpstate.te b/vendor/qcom/common/dumpstate.te index e515e04c..f150518e 100644 --- a/vendor/qcom/common/dumpstate.te +++ b/vendor/qcom/common/dumpstate.te @@ -16,4 +16,5 @@ allow dumpstate debugfs_mmc:dir search; allow dumpstate vendor_firmware_file:dir getattr; allow dumpstate vendor_firmware_file:filesystem getattr; +dontaudit dumpstate misc_logd_file:dir read; dontaudit dumpstate kernel:system module_request; diff --git a/vendor/qcom/common/hal_dumpstate_impl.te b/vendor/qcom/common/hal_dumpstate_impl.te index d5e5918b..ea4d30d4 100644 --- a/vendor/qcom/common/hal_dumpstate_impl.te +++ b/vendor/qcom/common/hal_dumpstate_impl.te @@ -134,3 +134,23 @@ allow hal_dumpstate_impl debugfs_pmic:dir r_dir_perms; allow hal_dumpstate_impl debugfs_pmic:file r_file_perms; allow hal_dumpstate_impl dumpstate:fifo_file write; + +dontaudit hal_dumpstate_impl binder_device:chr_file rw_file_perms; +dontaudit hal_dumpstate_impl vndbinder_device:chr_file rw_file_perms; +dontaudit hal_dumpstate_impl property_socket:sock_file rw_file_perms; +dontaudit hal_dumpstate_impl radio_vendor_data_file:dir r_dir_perms; +dontaudit hal_dumpstate_impl radio_vendor_data_file:file r_file_perms; +dontaudit hal_dumpstate_impl netmgr_data_file:dir r_dir_perms; +dontaudit hal_dumpstate_impl netmgr_data_file:file r_file_perms; +dontaudit hal_dumpstate_impl vendor_modem_diag_prop:file rw_file_perms; +dontaudit hal_dumpstate_impl vendor_tcpdump_log_prop:file rw_file_perms; +dontaudit hal_dumpstate_impl sysfs_usb_device:dir r_dir_perms; +dontaudit hal_dumpstate_impl sysfs_usb_device:file r_file_perms; +dontaudit hal_dumpstate_impl ssr_log_file:dir search; +dontaudit hal_dumpstate_impl ssr_log_file:file r_file_perms; +dontaudit hal_dumpstate_impl tcpdump_vendor_data_file:dir create_dir_perms; +dontaudit hal_dumpstate_impl tcpdump_vendor_data_file:file create_file_perms; +dontaudit hal_dumpstate_impl perfstatsd_exec:file rx_file_perms; +dontaudit hal_dumpstate_impl perfstatsd_service:service_manager find; +dontaudit hal_dumpstate_impl mpss_rfs_data_file:dir r_dir_perms; +dontaudit hal_dumpstate_impl mpss_rfs_data_file:file r_file_perms; |