Cross Reference: /device/huawei/angler/sepolicy/property.te

History log of /device/huawei/angler/sepolicy/property.te
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
797ff453cc7fcd29c9a713508b2c0da2c3d0cd2c	19-Aug-2015	dcashman <dcashman@google.com>	Allow atfwd to set atfwd props. Address the following denials: [66458.777457] type=1400 audit(1439919080.384:250): avc: denied { write } for pid=4248 comm="ATFWD-daemon" name="property_service" dev="tmpfs" ino=1901 scontext=u:r:atfwd:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=1 [66458.777676] type=1400 audit(1439919080.384:251): avc: denied { connectto } for pid=4248 comm="ATFWD-daemon" path="/dev/socket/property_service" scontext=u:r:atfwd:s0 tcontext=u:r:init:s0 tclass=unix_stream_socket permissive=1 [66458.777988] init: avc: denied { set } for property=radio.atfwd.start scontext=u:r:atfwd:s0 tcontext=u:object_r:default_prop:s0 tclass=property_service Bug: 23154090 Change-Id: I1f049695c71248307b3b7a2e7920a9f1ecd73e34 /device/huawei/angler/sepolicy/property.te
0ca7674930e4e1a1a053c431e5a640d608c17da2	18-Aug-2015	Trevor Bunker <trevorbunker@google.com>	angler: sepolicy: allow system_server to write sensor properties fixes the following denial: init: avc: denied { set } for property=sensors.contexthub.lid_state scontext=u:r:system_server:s0 tcontext=u:object_r:default_prop:s0 tclass=property_service Change-Id: I9ba93539ebafeada32c915b4710c8112a6df5142 /device/huawei/angler/sepolicy/property.te
a715e77c6726d748b17e68a56d442a46e1b07317	07-Aug-2015	dcashman <dcashman@google.com>	Allow system_app to start ppd service. Address the following denials: [ 64.937254] init: avc: denied { set } for property=ctl.ppd scontext=u:r:system_app:s0 tcontext=u:object_r:ctl_default_prop:s0 tclass=property_service Bug: 21435401 Change-Id: Idb30c64e0398d52b0459abb77033b40fdff00f92 /device/huawei/angler/sepolicy/property.te
0b94b23fbdb5cb114011625706b83e26e17971b5	04-Aug-2015	dcashman <dcashman@google.com>	Add postproc domain. Address the following denials: [ 21.154786] type=1400 audit(1923235.659:83): avc: denied { read write } for pid=593 comm="mm-pp-daemon" name="fb0" dev="tmpfs" ino=12538 scontext=u:r:postprocd:s0 tcontext=u:object_r:graphics_device:s0 tclass=chr_file permissive=1 [ 21.186443] type=1400 audit(1923235.659:84): avc: denied { open } for pid=593 comm="mm-pp-daemon" path="/dev/graphics/fb0" dev="tmpfs" ino=12538 scontext=u:r:postprocd:s0 tcontext=u:object_r:graphics_device:s0 tclass=chr_file permissive=1 [ 21.217670] type=1400 audit(1923235.659:85): avc: denied { write } for pid=593 comm="mm-pp-daemon" name="brightness" dev="sysfs" ino=15428 scontext=u:r:postprocd:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 [ 21.241413] type=1400 audit(1923235.659:86): avc: denied { ioctl } for pid=593 comm="mm-pp-daemon" path="/dev/graphics/fb0" dev="tmpfs" ino=12538 ioctlcmd=4600 scontext=u:r:postprocd:s0 tcontext=u:object_r:graphics_device:s0 tclass=chr_file permissive=1 [ 19.392366] type=1400 audit(1927448.679:72): avc: denied { search } for pid=586 comm="mm-pp-daemon" name="leds" dev="sysfs" ino=15422 scontext=u:r:postprocd:s0 tcontext=u:object_r:sysfs_led:s0 tclass=dir permissive=1 [ 19.410761] type=1400 audit(1927448.679:73): avc: denied { read write } for pid=586 comm="mm-pp-daemon" name="brightness" dev="sysfs" ino=15428 scontext=u:r:postprocd:s0 tcontext=u:object_r:sysfs_led:s0 tclass=file permissive=1 [ 19.431068] type=1400 audit(1927448.679:74): avc: denied { open } for pid=586 comm="mm-pp-daemon" path="/sys/devices/soc.0/fd900000.qcom,mdss_mdp/qcom,mdss_fb_primary.181/leds/lcd-backlight/brightness" dev="sysfs" ino=15428 scontext=u:r:postprocd:s0 tcontext=u:object_r:sysfs_led:s0 tclass=file permissive=1 Bug: 21435401 Change-Id: Id9ebc77a5841892c97bdf1857d45f30fd366209a /device/huawei/angler/sepolicy/property.te
690bfb3a2fe0f0833b09760c6ef60b36e5ab624d	31-Jul-2015	dcashman <dcashman@google.com>	Add ims daemon. Address the following denials: [ 20.010522] type=1400 audit(1555967.749:71): avc: denied { write } for pid=562 comm="imsqmidaemon" name="property_service" dev="tmpfs" ino=11387 scontext=u:r:ims:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=1 [ 20.010821] type=1400 audit(1555967.749:72): avc: denied { connectto } for pid=562 comm="imsqmidaemon" path="/dev/socket/property_service" scontext=u:r:ims:s0 tcontext=u:r:init:s0 tclass=unix_stream_socket permissive=1 [ 20.247697] init: avc: denied { set } for property=sys.ims.QMI_DAEMON_STATUS scontext=u:r:ims:s0 tcontext=u:object_r:system_prop:s0 tclass=property_service [ 19.312111] type=1400 audit(1562721.072:87): avc: denied { create } for pid=596 comm="imsdatadaemon" scontext=u:r:ims:s0 tcontext=u:r:ims:s0 tclass=socket permissive=1 [ 19.327574] type=1400 audit(1562721.072:88): avc: denied { ioctl } for pid=596 comm="imsdatadaemon" path="socket:[16885]" dev="sockfs" ino=16885 ioctlcmd=c304 scontext=u:r:ims:s0 tcontext=u:r:ims:s0 tclass=socket permissive=1 [ 19.347022] type=1400 audit(1562721.072:89): avc: denied { bind } for pid=596 comm="imsdatadaemon" scontext=u:r:ims:s0 tcontext=u:r:ims:s0 tclass=socket permissive=1 [ 19.393905] type=1400 audit(1562721.081:92): avc: denied { read } for pid=596 comm="imsdatadaemon" scontext=u:r:ims:s0 tcontext=u:r:ims:s0 tclass=socket permissive=1 [ 20.348567] type=1400 audit(1562722.231:136): avc: denied { call } for pid=567 comm="imscmservice" scontext=u:r:ims:s0 tcontext=u:r:servicemanager:s0 tclass=binder permissive=1 [ 20.363616] type=1400 audit(1562722.231:137): avc: denied { transfer } for pid=567 comm="imscmservice" scontext=u:r:ims:s0 tcontext=u:r:servicemanager:s0 tclass=binder permissive=1 [ 20.379616] type=1400 audit(1562722.231:138): avc: denied { search } for pid=409 comm="servicemanager" name="567" dev="proc" ino=17423 scontext=u:r:servicemanager:s0 tcontext=u:r:ims:s0 tclass=dir permissive=1 [ 20.398690] type=1400 audit(1562722.231:139): avc: denied { read } for pid=409 comm="servicemanager" name="current" dev="proc" ino=13649 scontext=u:r:servicemanager:s0 tcontext=u:r:ims:s0 tclass=file permissive=1 [ 20.417013] type=1400 audit(1562722.231:140): avc: denied { open } for pid=409 comm="servicemanager" path="/proc/567/attr/current" dev="proc" ino=13649 scontext=u:r:servicemanager:s0 tcontext=u:r:ims:s0 tclass=file permissive=1 [ 20.437155] type=1400 audit(1562722.231:141): avc: denied { getattr } for pid=409 comm="servicemanager" scontext=u:r:servicemanager:s0 tcontext=u:r:ims:s0 tclass=process permissive=1 Bug: 21435401 Change-Id: I0d4414550b9496b99b80b4a2a0090997b4cf5f95 /device/huawei/angler/sepolicy/property.te