redbull-sepolicy: hal_graphics_composer_default avc: denied { search } for comm="vendor.qti.hard" name="soc0" dev="sysfs" ino=47945 scontext=u:r:hal_graphics_composer_default:s0 tcontext=u:object_r:sysfs_soc:s0 tclass=dir permissive=0 avc: denied { read } for comm="vendor.qti.hard" name="soc_id" dev="sysfs" ino=47931 scontext=u:r:hal_graphics_composer_default:s0 tcontext=u:object_r:sysfs_soc:s0 tclass=file permissive=0 Bug: 157435953 Test: boot to home and there is no avc denied log. Change-Id: Ie870540cd5a1f254197ba4a0fc2e8a6b8e6c608a

commit: 9a268db07a614d4b33ba1396f24431c41d756bea [log] [tgz]
author: Lopy Cheng <lopycheng@google.com> Wed May 27 13:53:11 2020 +0800
committer: Lopy Cheng <lopycheng@google.com> Wed May 27 08:14:26 2020 +0000
tree: f695f6412776a1ce93d3000a7fc613c1ab9f2083
parent: 94b5cccdc3eae402c8da30d25ca60f804f15a8d5 [diff]
diff --git a/vendor/qcom/common/hal_graphics_composer_default.te b/vendor/qcom/common/hal_graphics_composer_default.te
index 573612e..4fe5bbf 100644
--- a/vendor/qcom/common/hal_graphics_composer_default.te
+++ b/vendor/qcom/common/hal_graphics_composer_default.te

@@ -31,6 +31,9 @@
 
 allow hal_graphics_composer_default oemfs:dir search;
 
+allow hal_graphics_composer_default sysfs_soc:dir search;
+allow hal_graphics_composer_default sysfs_soc:file r_file_perms;
+
 hal_client_domain(hal_graphics_composer_default, hal_graphics_allocator);
 
 # Allow r/w to data partition for writeback dumps
commit	9a268db07a614d4b33ba1396f24431c41d756bea	[log] [tgz]
author	Lopy Cheng <lopycheng@google.com>	Wed May 27 13:53:11 2020 +0800
committer	Lopy Cheng <lopycheng@google.com>	Wed May 27 08:14:26 2020 +0000
tree	f695f6412776a1ce93d3000a7fc613c1ab9f2083
parent	94b5cccdc3eae402c8da30d25ca60f804f15a8d5 [diff]