[Bramble] Fix SELinux related to hal_imsrtp

avc: denied { read } for comm="ims_rtp_daemon" name="u:object_r:hwservicemanager_prop:s0" dev="tmpfs" ino=26759 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:hwservicemanager_prop:s0 tclass=file permissive=1
avc: denied { open } for path="/dev/__properties__/u:object_r:hwservicemanager_prop:s0" dev="tmpfs" ino=17135 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:hwservicemanager_prop:s0 tclass=file permissive=1
avc: denied { getattr } for comm="ims_rtp_daemon" path="/dev/__properties__/u:object_r:hwservicemanager_prop:s0" dev="tmpfs" ino=17135 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:hwservicemanager_prop:s0 tclass=file permissive=1

avc: denied { write } for comm="ims_rtp_daemon" name="ims_datad" dev="tmpfs" ino=33889 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:ims_socket:s0 tclass=sock_file permissive=1

avc:  denied  { find } for interface=vendor.qti.imsrtpservice::IRTPService sid=u:r:hal_imsrtp:s0 pid=1008 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:hal_imsrtp_hwservice:s0 tclass=hwservice_manager permissive=1
avc:  denied  { add } for interface=vendor.qti.imsrtpservice::IRTPService sid=u:r:hal_imsrtp:s0 pid=1008 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:hal_imsrtp_hwservice:s0 tclass=hwservice_manager permissive=1

avc: denied { call } for scontext=u:r:hal_imsrtp:s0 tcontext=u:r:hwservicemanager:s0 tclass=binder permissive=1

avc: denied { connectto } for comm="ims_rtp_daemon" path="/dev/socket/ims_datad" scontext=u:r:hal_imsrtp:s0 tcontext=u:r:ims:s0 tclass=unix_stream_socket permissive=1

avc: denied { open } for comm="ims_rtp_daemon" path="/dev/__properties__/u:object_r:hwservicemanager_prop:s0" dev="tmpfs" ino=26759 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:hwservicemanager_prop:s0 tclass=file permissive=1

avc: denied { read } for comm="ims_rtp_daemon" name="u:object_r:qcom_ims_prop:s0" dev="tmpfs" ino=17164 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:qcom_ims_prop:s0 tclass=file permissive=1
avc: denied { open } for comm="ims_rtp_daemon" path="/dev/__properties__/u:object_r:qcom_ims_prop:s0" dev="tmpfs" ino=26788 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:qcom_ims_prop:s0 tclass=file permissive=1
avc: denied { getattr } for comm="ims_rtp_daemon" path="/dev/__properties__/u:object_r:qcom_ims_prop:s0" dev="tmpfs" ino=17164 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:qcom_ims_prop:s0 tclass=file permissive=1

avc: denied { read } for comm="ims_rtp_daemon" scontext=u:r:hal_imsrtp:s0 tcontext=u:r:hal_imsrtp:s0 tclass=qipcrtr_socket permissive=1
avc: denied { write } for comm="ims_rtp_daemon" scontext=u:r:hal_imsrtp:s0 tcontext=u:r:hal_imsrtp:s0 tclass=qipcrtr_socket permissive=1
avc: denied { create } for comm="ims_rtp_daemon" scontext=u:r:hal_imsrtp:s0 tcontext=u:r:hal_imsrtp:s0 tclass=qipcrtr_socket permissive=1

avc: denied { read } for comm="ims_rtp_daemon" name="name" dev="sysfs" ino=66849 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:sysfs_ssr:s0 tclass=file permissive=1
avc: denied { open } for comm="ims_rtp_daemon" path="/sys/devices/platform/soc/9800000.qcom,npu/subsys6/name" dev="sysfs" ino=66849 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:sysfs_ssr:s0 tclass=file permissive=1

avc: denied { read } for name="timestamp_switch" dev="sysfs" ino=38283 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:sysfs_timestamp_switch:s0 tclass=file permissive=1
avc: denied { open } for path="/sys/module/diagchar/parameters/timestamp_switch" dev="sysfs" ino=38283 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:sysfs_timestamp_switch:s0 tclass=file permissive=1

avc: denied { search } for comm="ims_rtp_daemon" name="soc0" dev="sysfs" ino=39558 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:sysfs_soc:s0 tclass=dir permissive=1
avc: denied { read } for comm="ims_rtp_daemon" name="soc_id" dev="sysfs" ino=39562 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:sysfs_soc:s0 tclass=file permissive=1
avc: denied { open } for comm="ims_rtp_daemon" path="/sys/devices/soc0/soc_id" dev="sysfs" ino=39562 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:sysfs_soc:s0 tclass=file permissive=1

avc: denied { search } for comm="ims_rtp_daemon" name="msm_subsys" dev="sysfs" ino=27404 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=dir permissive=1
avc: denied { read } for comm="ims_rtp_daemon" name="devices" dev="sysfs" ino=27406 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=dir permissive=1
avc: denied { open } for comm="ims_rtp_daemon" path="/sys/bus/msm_subsys/devices" dev="sysfs" ino=27406 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=dir permissive=1

avc: denied { search } for comm="ims_rtp_daemon" name="diagchar" dev="sysfs" ino=38277 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:sysfs_diag:s0 tclass=dir permissive=1

avc: denied { read write } for comm="ims_rtp_daemon" name="diag" dev="tmpfs" ino=27185 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:diag_device:s0 tclass=chr_file permissive=1
avc: denied { open } for comm="ims_rtp_daemon" path="/dev/diag" dev="tmpfs" ino=27185 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:diag_device:s0 tclass=chr_file permissive=1
avc: denied { ioctl } for comm="ims_rtp_daemon" path="/dev/diag" dev="tmpfs" ino=27185 ioctlcmd=0x20 scontext=u:r:hal_imsrtp:s0 tcontext=u:object_r:diag_device:s0 tclass=chr_file permissive=1

Bug: 145496740
Test: Flash the rom and boot to home without this avc denied.
Change-Id: Ieab8b5c88723b234f4125fde34bd84cacb765dd9
2 files changed
tree: af1864eff1f1e8e6aea57d4a97ff4b0932d682fd
  1. private/
  2. public/
  3. tracking_denials/
  4. vendor/
  5. OWNERS
  6. redbull-sepolicy.mk