Google Git
Sign in
android / device / google / gs101-sepolicy / a23d1bb
commita23d1bb37bac9396469dfe7e7b93626c5cfb863c[log] [tgz]
authorKris Chen <chenkris@google.com>Wed Jun 23 16:19:00 2021 +0800
committerKris Chen <chenkris@google.com>Wed Jun 23 16:20:57 2021 +0800
tree0d1d093e414f120252e16a31db6247597e2fc0fe
parent279437055748330fc2d89107be06cbec67e6a4be [diff]
Allow fingerprint hal to read sysfs_chosen

Fixes the following avc denial:
android.hardwar: type=1400 audit(0.0:49): avc: denied { search } for name="chosen" dev="sysfs" ino=9575 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_chosen:s0 tclass=dir permissive=1
android.hardwar: type=1400 audit(0.0:50): avc: denied { read } for name="platform" dev="sysfs" ino=9591 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_chosen:s0 tclass=file permissive=1
android.hardwar: type=1400 audit(0.0:51): avc: denied { open } for path="/sys/firmware/devicetree/base/chosen/plat/platform" dev="sysfs" ino=9591 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_chosen:s0 tclass=file permissive=1

Bug: 191832617
Test: Enroll and authenticate fingerprints.
Change-Id: I5c576cc210d9e85b1999655bdc27736183db8aed
1 file changed
tree: 0d1d093e414f120252e16a31db6247597e2fc0fe
  1. confirmationui/
  2. display/
  3. edgetpu/
  4. modem/
  5. neuralnetworks/
  6. private/
  7. public/
  8. system_ext/
  9. tracking_denials/
  10. trusty_metricsd/
  11. usf/
  12. whitechapel/
  13. gs101-sepolicy.mk
  14. OWNERS