From df76b984675254e8b8c9c493fd6a0865d1e065de Mon Sep 17 00:00:00 2001 From: Sashko Date: Sun, 3 Nov 2019 01:11:48 +0200 Subject: [PATCH] sepolicy: Resolve healthd denials * Label all healthd devices as sysfs_batteryinfo * denied { getattr } for path=/sys/devices/f9923000.i2c/i2c-84/84-0036/power_supply/battery/present dev=sysfs ino=19172 scontext=u:r:healthd:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 * denied { getattr } for path=/sys/devices/f9923000.i2c/i2c-84/84-006b/power_supply/ac/type dev=sysfs ino=16691 scontext=u:r:healthd:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 * denied { getattr } for path=/sys/devices/msm_dwc3/power_supply/usb/type dev=sysfs ino=15162 scontext=u:r:healthd:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 * denied { getattr } for path=/sys/devices/f9923000.i2c/i2c-84/84-0036/power_supply/battery/voltage_now dev=sysfs ino=19162 scontext=u:r:healthd:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 * denied { getattr } for path=/sys/devices/f9923000.i2c/i2c-84/84-0036/power_supply/battery/current_now dev=sysfs ino=19163 scontext=u:r:healthd:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 * denied { getattr } for path=/sys/devices/f9923000.i2c/i2c-84/84-0036/power_supply/battery/temp dev=sysfs ino=19180 scontext=u:r:healthd:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 * denied { getattr } for pid=217 comm=healthd path=/sys/devices/bq51013b_wlc.77/power_supply/wireless/type dev=sysfs ino=16663 scontext=u:r:healthd:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 * denied { getattr } for path=/sys/devices/virtual/power_supply/touch/type dev=sysfs ino=15931 scontext=u:r:healthd:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 Change-Id: I4b8a4dbbcb687de966e9f2dee02f668f6ce5a602 --- sepolicy/file_contexts | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index b65aa2a3..66969cbd 100644 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -149,7 +149,13 @@ /sys/devices/fdb00000\.qcom,kgsl-3d0/kgsl/kgsl-3d0/gpuclk u:object_r:sysfs_thermal:s0 /sys/devices/fdb00000\.qcom,kgsl-3d0/kgsl/kgsl-3d0/max_gpuclk u:object_r:sysfs_thermal:s0 /sys/devices/fdb00000\.qcom,kgsl-3d0/kgsl/kgsl-3d0/reset_count u:object_r:sysfs_thermal:s0 -/sys/devices/f9923000\.i2c/i2c-84/84-0036/power_supply/battery/capacity u:object_r:sysfs_batteryinfo:s0 + +/sys/devices/f9923000\.i2c/i2c-84/84-0036/power_supply/battery(/.*)? u:object_r:sysfs_batteryinfo:s0 +/sys/devices/f9923000.i2c/i2c-84/84-006b/power_supply/ac(/.*)? u:object_r:sysfs_batteryinfo:s0 +/sys/devices/msm_dwc3/power_supply/usb(/.*)? u:object_r:sysfs_batteryinfo:s0 +/sys/devices/virtual/power_supply/touch(/.*)? u:object_r:sysfs_batteryinfo:s0 +/sys/devices/bq51013b_wlc.77/power_supply/wireless(/.*)? u:object_r:sysfs_batteryinfo:s0 +/sys/devices/battery_tm_ctrl.78/power_supply/batt_therm(/.*)? u:object_r:sysfs_batteryinfo:s0 # Sysfs files used by qmuxd /sys/devices/virtual/smdpkt/smdcntl([0-9])+/open_timeout u:object_r:sysfs_smdcntl_open_timeout:s0