From 3092927bb51d9961a6ef756692cb28da7bc5b377 Mon Sep 17 00:00:00 2001 From: Anand S Date: Sun, 21 Jul 2024 20:16:00 +0530 Subject: [PATCH] sm6375-common: sepolicy: Address some denials for fogos Change-Id: I3ab1949c10eb3313a3fb701bbddeffb4bf15237c --- sepolicy/vendor/genfs_contexts | 2 ++ sepolicy/vendor/init.te | 2 ++ sepolicy/vendor/vendor_qti_init_shell.te | 4 ++-- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/sepolicy/vendor/genfs_contexts b/sepolicy/vendor/genfs_contexts index eba5b72..081e6fb 100644 --- a/sepolicy/vendor/genfs_contexts +++ b/sepolicy/vendor/genfs_contexts @@ -65,6 +65,7 @@ genfscon sysfs /devices/platform/soc/4e00000.ssusb/mode # Vibrator genfscon sysfs /devices/platform/soc/984000.i2c/i2c-0/0-005a/leds/vibrator u:object_r:sysfs_vibrator:s0 +genfscon sysfs /sys/devices/platform/soc/soc:ldo_vib/leds/vibrator(/.*)? u:object_r:vendor_sysfs_vibrator:s0 # Wakeup genfscon sysfs /devices/platform/soc/984000.i2c/i2c-0/0-005a/wakeup/wakeup u:object_r:sysfs_wakeup:s0 @@ -82,3 +83,4 @@ genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/spmi0-02/1c40000.q genfscon sysfs /devices/platform/soc/1c40000.qcom,spmi/spmi-0/spmi0-02/1c40000.qcom,spmi:qcom,pm7250b@2:qcom,qpnp-smb5/power_supply/usb/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/soc/4c90000.i2c/i2c-2/2-006a/power_supply/bq25960-standalone/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/soc/soc:mmi_chrg_manager/power_supply/mmi_chrg_manager/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/soc/soc:qcom,msm-audio-apr/soc:qcom,msm-audio-apr:qcom,q6core-audio/soc:qcom,msm-audio-apr:qcom,q6core-audio:sound/Listen u:object_r:sysfs_wakeup:s0 diff --git a/sepolicy/vendor/init.te b/sepolicy/vendor/init.te index d26288a..5eb339e 100644 --- a/sepolicy/vendor/init.te +++ b/sepolicy/vendor/init.te @@ -23,3 +23,5 @@ recovery_only(` ') allow init vendor_sysfs_vibrator:file create_file_perms; + +allow init vendor_sysfs_scsi_host:file w_file_perms; diff --git a/sepolicy/vendor/vendor_qti_init_shell.te b/sepolicy/vendor/vendor_qti_init_shell.te index 75e8cea..4ba0980 100644 --- a/sepolicy/vendor/vendor_qti_init_shell.te +++ b/sepolicy/vendor/vendor_qti_init_shell.te @@ -3,5 +3,5 @@ allow vendor_qti_init_shell configfs:file create_file_perms; allow vendor_qti_init_shell configfs:lnk_file create_file_perms; allow vendor_qti_init_shell kmsg_device:chr_file w_file_perms; allow vendor_qti_init_shell proc_page_cluster:file w_file_perms; - -allow vendor_qti_init_shell vendor_file:file execute_no_trans; \ No newline at end of file +allow vendor_qti_init_shell sysfs:file { w_file_perms setattr }; +allow vendor_qti_init_shell vendor_file:file execute_no_trans;