Add sepolicy for edgetpu_tachyon_service to report metrics
This permission is needed to report errors encountered while running gxp workloads to telemetry services.
AVC Error seen while reporting errors:
11-21 09:30:05.711 406 406 E SELinux : avc: denied { find } for pid=1821 uid=1000 name=android.frameworks.stats.IStats/default scontext=u:r:edgetpu_tachyon_server:s0 tcontext=u:object_r:fwk_stats_service:s0 tclass=service_manager permissive=0
Bug: 359404493
Flag: EXEMPT updates device sepolicy only
Change-Id: Ic282928aad6283077e183f931230f79eea49053d
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
diff --git a/gxp/sepolicy/edgetpu_tachyon_service.te b/gxp/sepolicy/edgetpu_tachyon_service.te
index 35987dd..31b7e7b 100644
--- a/gxp/sepolicy/edgetpu_tachyon_service.te
+++ b/gxp/sepolicy/edgetpu_tachyon_service.te
@@ -1,3 +1,7 @@
# Allow Tachyon service to access the GXP device and read GXP properties.
allow edgetpu_tachyon_server gxp_device:chr_file rw_file_perms;
get_prop(edgetpu_tachyon_server, vendor_gxp_prop)
+
+# Allow tachyon service to log to stats service for reporting metrics.
+allow edgetpu_tachyon_server fwk_stats_service:service_manager find;
+binder_call(edgetpu_tachyon_server, system_server);
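Review bot: The added `binder_call(edgetpu_tachyon_server, system_server);` is not backed by the denial quoted in the commit message, which shows only `{ find }` on `fwk_stats_service` with `tclass=service_manager`. Please either add the binder denial that motivated it to the commit message, or extend the comment above the rule to say why `system_server` is the call target, since this grants binder calls to the whole `system_server` domain rather than to the stats interface alone. The hunk shows the entire file and it contains no `binder_use(edgetpu_tachyon_server)`, so confirm that is granted elsewhere; without it the `find` and the call cannot go through servicemanager. Style: the trailing `;` after the macro call is inconsistent with `get_prop(edgetpu_tachyon_server, vendor_gxp_prop)` just above, which has none; drop it. The comment also writes "tachyon service" in lower case while the existing comment uses "Tachyon service".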