From 4c3a0d1f52fa05bab0fe6e4dfc8312a030d8adfa Mon Sep 17 00:00:00 2001 From: kleidione Freitas Date: Sun, 20 Mar 2022 17:43:23 -0300 Subject: veux: sepolicy: Add more sepolicy rule for hal default sensor - [ 7206.619148] type=1400 audit(1666291831.667:316): avc: denied { ioctl } for comm="sensors@2.1-ser" path="socket:[441443]" dev="sockfs" ino=441443 ioctlcmd=0xc502 scontext=u:r:hal_sensors_default:s0 tcontext=u:r:hal_sensors_default:s0 tclass=qipcrtr_socket permissive=0 Signed-off-by: kleidione --- sepolicy/vendor/hal_sensors_default.te | 2 ++ 1 file changed, 2 insertions(+) (limited to 'sepolicy/vendor') diff --git a/sepolicy/vendor/hal_sensors_default.te b/sepolicy/vendor/hal_sensors_default.te index 1d3339e..3640403 100644 --- a/sepolicy/vendor/hal_sensors_default.te +++ b/sepolicy/vendor/hal_sensors_default.te @@ -2,6 +2,8 @@ binder_call(hal_sensors_default, hal_audio_default) hal_client_domain(hal_sensors_default, hal_audio) +allow hal_sensors_default hal_sensors_default:qipcrtr_socket { ioctl }; + allow hal_sensors_default audio_socket:sock_file rw_file_perms; allow hal_sensors_default socket_device:sock_file rw_file_perms; allow hal_sensors_default sound_device:chr_file rw_file_perms; -- cgit v1.2.3