sm8150-common: {sepolicy,rootdir}: Address denials in DeviceSettings
Guides that helped fix these: - https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/4/html/SELinux_Guide/rhlcommon-section-0023.html - https://msfjarvis.website/posts/understanding-and-resolving-selinux-denials-on-android - https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/4/html/SELinux_Guide/selg-part-0057.html Signed-off-by: Anirudh Gupta <anirudhgupta109@aosip.dev>
This commit is contained in:
Anirudh Gupta
Anirudh Gupta
parent
756dd639af
commit
502ed6474f
|
|
@ -76,6 +76,8 @@ on init
|
|||
|
||||
on post-fs
|
||||
chmod 0755 /sys/kernel/debug/tracing
|
||||
# Vibrator
|
||||
chown system system /sys/devices/platform/soc/89c000.i2c/i2c-2/2-005a/leds/vibrator/level
|
||||
|
||||
on early-boot
|
||||
# set RLIMIT_MEMLOCK to 64MB
|
||||
|
|
@ -168,6 +170,31 @@ on boot
|
|||
chmod 0666 /dev/qseecom
|
||||
chmod 0666 /dev/goodix_fp
|
||||
|
||||
# Graphics
|
||||
chown system graphics /sys/devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/modes
|
||||
chmod 0666 /sys/devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/modes
|
||||
# DCI-P3
|
||||
chown system graphics /sys/devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/native_display_p3_mode
|
||||
chmod 0666 /sys/devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/native_display_p3_mode
|
||||
# sRGB
|
||||
chown system graphics /sys/devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/native_display_srgb_color_mode
|
||||
chmod 0666 /sys/devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/native_display_srgb_color_mode
|
||||
# Wide Colour mode
|
||||
chown system graphics /sys/devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/native_display_wide_color_mode
|
||||
chmod 0666 /sys/devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/native_display_wide_color_mode
|
||||
# Night mode
|
||||
chown system graphics /sys/devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/night_mode
|
||||
chmod 0666 /sys/devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/night_mode
|
||||
# High Brightness Mode
|
||||
chown system graphics /sys/devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/hbm
|
||||
chmod 0666 /sys/devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/hbm
|
||||
# DC-Dimming
|
||||
chmod 0660 /sys/devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/dimlayer_bl_en
|
||||
chown system system /sys/devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/dimlayer_bl_en
|
||||
# FPS Info
|
||||
chown system graphics /sys/devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/sde-crtc-0/measured_fps
|
||||
chmod 0666 /sys/devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/sde-crtc-0/measured_fps
|
||||
|
||||
chown bluetooth net_bt /sys/class/rfkill/rfkill0/device/extldo
|
||||
chmod 0660 /sys/class/rfkill/rfkill0/device/extldo
|
||||
|
||||
|
|
|
|||
|
|
@ -1,12 +1,21 @@
|
|||
genfscon proc /sensor u:object_r:proc_sensor:s0
|
||||
genfscon proc /touchpanel u:object_r:proc_touchpanel:s0
|
||||
genfscon proc /ultrasound u:object_r:proc_ultrasound:s0
|
||||
|
||||
genfscon sysfs /devices/platform/soc/89c000.i2c/i2c-2/2-005a/leds/vibrator u:object_r:sysfs_vibrator:s0
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/aod u:object_r:sysfs_aod:s0
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/aod_disable u:object_r:sysfs_aod:s0
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/dim_alpha u:object_r:sysfs_fod:s0
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/hbm u:object_r:sysfs_fod:s0
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/notify_aod u:object_r:sysfs_aod:s0
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/notify_dim u:object_r:sysfs_fod:s0
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/notify_fppress u:object_r:sysfs_fod:s0
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/op_friginer_print_hbm u:object_r:sysfs_fod:s0
|
||||
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/aod u:object_r:sysfs_aod:s0
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/aod_disable u:object_r:sysfs_aod:s0
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/dim_alpha u:object_r:sysfs_fod:s0
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/dimlayer_bl_en u:object_r:sysfs_aod:s0
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/hbm u:object_r:sysfs_fod:s0
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/native_display_customer_srgb_mode u:object_r:sysfs_aod:s0
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/native_display_customer_p3_mode u:object_r:sysfs_aod:s0
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/native_display_p3_mode u:object_r:sysfs_aod:s0
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/native_display_srgb_color_mode u:object_r:sysfs_aod:s0
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/native_display_wide_color_mode u:object_r:sysfs_aod:s0
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/night_mode u:object_r:sysfs_aod:s0
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/notify_aod u:object_r:sysfs_aod:s0
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/notify_dim u:object_r:sysfs_fod:s0
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/notify_fppress u:object_r:sysfs_fod:s0
|
||||
genfscon sysfs /devices/platform/soc/ae00000.qcom,mdss_mdp/drm/card0/card0-DSI-1/op_friginer_print_hbm u:object_r:sysfs_fod:s0
|
||||
|
|
|
|||
|
|
@ -0,0 +1,14 @@
|
|||
# Allow system_app to read and write to sysfs_vibrator
|
||||
allow system_app sysfs_vibrator:file rw_file_perms;
|
||||
|
||||
# Allow system_app to read directories and attributes of sysfs_vibrator
|
||||
allow system_app sysfs_vibrator:dir r_dir_perms;
|
||||
|
||||
# Allow system_app to read and write to sysfs_aod
|
||||
allow system_app sysfs_aod:file rw_file_perms;
|
||||
|
||||
# Allow system_app to read and write to sysfs_fod
|
||||
allow system_app sysfs_fod:file rw_file_perms;
|
||||
|
||||
# Allow system_app to read, open and get attributes of sysfs_graphics
|
||||
allow system_app sysfs_graphics:file { getattr open read };
|
||||
Loading…
Reference in New Issue