Add the sepolicy rules for hal_sensors_default
Fix the avc error of hal_sensors_defualt.
avc: denied { ioctl } for path="/dev/diag" dev="tmpfs" ino=15822 ioctlcmd=0x20 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:diag_device:s0 tclass=chr_file permissive=1
avc: denied { open } for path="/dev/diag" dev="tmpfs" ino=15822 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:diag_device:s0 tclass=chr_file permissive=1
avc: denied { read write } for name="diag" dev="tmpfs" ino=15822 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:diag_device:s0 tclass=chr_file permissive=1
avc: denied { search } for name="vendor" dev="tmpfs" ino=25816 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:mnt_vendor_file:s0 tclass=dir permissive=1
avc: denied { search } for name="/" dev="sda2" ino=2 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:persist_file:s0 tclass=dir permissive=1
avc: denied { read } for name="persist" dev="dm-0" ino=48 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:persist_file:s0 tclass=lnk_file permissive=1
avc: denied { create } for scontext=u:r:hal_sensors_default:s0 tcontext=u:r:hal_sensors_default:s0 tclass=qipcrtr_socket permissive=1
avc: denied { getattr } for scontext=u:r:hal_sensors_default:s0 tcontext=u:r:hal_sensors_default:s0 tclass=qipcrtr_socket permissive=1
avc: denied { read } for scontext=u:r:hal_sensors_default:s0 tcontext=u:r:hal_sensors_default:s0 tclass=qipcrtr_socket permissive=1
avc: denied { setopt } for scontext=u:r:hal_sensors_default:s0 tcontext=u:r:hal_sensors_default:s0 tclass=qipcrtr_socket permissive=1
avc: denied { write } for scontext=u:r:hal_sensors_default:s0 tcontext=u:r:hal_sensors_default:s0 tclass=qipcrtr_socket permissive=1
avc: denied { add_name } for name="cal.bin" scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sensors_vendor_data_file:s0 tclass=dir permissive=1
avc: denied { search } for name="sensors" dev="dm-5" ino=211 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sensors_vendor_data_file:s0 tclass=dir permissive=1
avc: denied { write } for name="sensors" dev="dm-5" ino=13160 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sensors_vendor_data_file:s0 tclass=dir permissive=1
avc: denied { getattr } for path="/data/vendor/sensors/cal.bin" dev="dm-5" ino=4142 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sensors_vendor_data_file:s0 tclass=file permissive=1
avc: denied { open } for path="/data/vendor/sensors/cal.bin" dev="dm-5" ino=4142 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sensors_vendor_data_file:s0 tclass=file permissive=1
avc: denied { read } for name="cal.bin" dev="dm-5" ino=5223 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sensors_vendor_data_file:s0 tclass=file permissive=1
avc: denied { open } for path="/sys/devices/platform/soc/aae0000.qcom,venus/subsys6/name" dev="sysfs" ino=67903 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_ssr:s0 tclass=file permissive=1 b/129437033
avc: denied { read } for name="name" dev="sysfs" ino=67903 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_ssr:s0 tclass=file permissive=1 b/129437033
avc: denied { open } for path="/sys/devices/platform/soc/9800000.qcom,npu/subsys4/name" dev="sysfs" ino=53206 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
avc: denied { open } for path="/sys/devices/platform/soc/aae0000.qcom,venus/subsys6/name" dev="sysfs" ino=67761 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
avc: denied { read } for name="name" dev="sysfs" ino=67761 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
avc: denied { read } for name="cal.bin" dev="dm-5" ino=4142 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sensors_vendor_data_file:s0 tclass=file permissive=1
avc: denied { getattr } for path="/mnt/vendor/persist/sensors/sensors_settings" dev="sda2" ino=78 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sensors_persist_file:s0 tclass=file permissive=1
avc: denied { open } for path="/mnt/vendor/persist/sensors/sensors_settings" dev="sda2" ino=78 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sensors_persist_file:s0 tclass=file permissive=1
avc: denied { read } for name="sensors_settings" dev="sda2" ino=78 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sensors_persist_file:s0 tclass=file permissive=1
avc: denied { search } for name="sensors" dev="sda2" ino=16 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sensors_persist_file:s0 tclass=dir permissive=1
avc: denied { open } for path="/sys/bus/msm_subsys/devices" dev="sysfs" ino=26321 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=dir permissive=1
avc: denied { open } for path="/sys/devices/platform/soc/soc:qcom,kgsl-hyp/subsys5/name" dev="sysfs" ino=53126 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=file permissive=1
avc: denied { read } for name="devices" dev="sysfs" ino=26321 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=dir permissive=1
avc: denied { read } for name="name" dev="sysfs" ino=53126 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=file permissive=1
avc: denied { search } for name="msm_subsys" dev="sysfs" ino=26319 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=dir permissive=1
avc: denied { ioctl } for path="/dev/vndbinder" dev="tmpfs" ino=7072 ioctlcmd=0x6209 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:vndbinder_device:s0 tclass=chr_file permissive=1
avc: denied { open } for path="/dev/vndbinder" dev="tmpfs" ino=7072 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:vndbinder_device:s0 tclass=chr_file permissive=1
avc: denied { read write } for name="vndbinder" dev="tmpfs" ino=7072 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:vndbinder_device:s0 tclass=chr_file permissive=1
Bug: 141525374
Test: flash selinux modules to device and find avc errors gone
Change-Id: I1d6bf579d6917d416c106e941cc8c02fb1c48f38
1 file changed
