Google Git
Sign in
android / device / google / gs101-sepolicy / 00e1b9a
commit00e1b9a704abd57a160dd27d9caf8ad99bd6780a[log] [tgz]
authorKris Chen <chenkris@google.com>Fri May 07 17:46:02 2021 +0800
committerKris Chen <chenkris@google.com>Wed May 12 09:48:48 2021 +0800
treec67952313bb9db17128564e3ed6f06507bc0e56c
parent6978cd7220406b0940dad5b5abfdf8807147a06c [diff]
Add sepolicy for the UDFPS antispoof property

Fixes the following avc denial:
/system/bin/init: type=1107 audit(0.0:4): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=fingerprint.disable.fake pid=364 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:default_prop:s0 tclass=property_service permissive=0'
android.hardwar: type=1400 audit(0.0:7): avc: denied { read } for name="u:object_r:vendor_fingerprint_fake_prop:s0" dev="tmpfs" ino=307 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:vendor_fingerprint_fake_prop:s0 tclass=file permissive=0

Bug: 187394838
Bug: 187562932
Test: Antispoof is disabled by default.
Test: Use the following adb command to manully turn on antispoof.
      "setprop persist.vendor.fingerprint.disable.fake.override 0"
Change-Id: I90d6ea70d5e0e1a125efb902f1fd61ff4b51baa2
4 files changed
tree: c67952313bb9db17128564e3ed6f06507bc0e56c
  1. ambient/
  2. display/
  3. private/
  4. system_ext/
  5. tracking_denials/
  6. usf/
  7. whitechapel/
  8. gs101-sepolicy.mk
  9. OWNERS