7ad58f9629
In some cases vendor_init_fingerprint, vendor_init_hw,
and vendor_qti_init_shell were not allowed to execute setprop/getprop
This caused ril and fingerprint, as well as partially sensors to fail.
Log:
avc: denied { execute_no_trans } for pid=613 comm="init.oem.hw.sh" path="/vendor/bin/setprop" dev="overlay" ino=32565 scontext=u:r:vendor_init_hw:s0 tcontext=u:object_r:vendor_file:s0 tclass=file permissive=0
avc: denied { execute_no_trans } for comm="init.qcom.early" path="/vendor/bin/getprop" dev="overlay" ino=34132 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:vendor_file:s0 tclass=file permissive=0
avc: denied { execute_no_trans } for comm="init.oem.finger" path="/vendor/bin/getprop" dev="overlay" ino=34132 scontext=u:r:vendor_init_fingerprint:s0 tcontext=u:object_r:vendor_file:s0 tclass=file permissive=0
avc: denied { execute_no_trans } for comm="init.qcom.post_" path="/vendor/bin/getprop" dev="overlay" ino=34132 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:vendor_file:s0 tclass=file permissive=0
17 lines
No EOL
616 B
Text
17 lines
No EOL
616 B
Text
type vendor_init_hw, domain;
|
|
type vendor_init_hw_exec, exec_type, vendor_file_type, file_type;
|
|
init_daemon_domain(vendor_init_hw)
|
|
|
|
allow vendor_init_hw self:capability sys_module;
|
|
allow vendor_init_hw vendor_file:system module_load;
|
|
|
|
allow vendor_init_hw vendor_proc_hw:dir r_dir_perms;
|
|
allow vendor_init_hw vendor_proc_hw:file rw_file_perms;
|
|
|
|
allow vendor_init_hw vendor_motobox_exec:file rx_file_perms;
|
|
allow vendor_init_hw vendor_toolbox_exec:file rx_file_perms;
|
|
|
|
set_prop(vendor_init_hw, vendor_mot_hw_prop)
|
|
set_prop(vendor_init_hw, vendor_mot_touch_prop)
|
|
|
|
allow vendor_init_hw vendor_file:file execute_no_trans; |