Gitiles
Code Review Sign In
gerrit.omnirom.org / android_device_google_gs101-sepolicy / 774949828e714e90a55451dd48cbf59a7fef4794^! / .
commit774949828e714e90a55451dd48cbf59a7fef4794[log] [tgz]
authorKevin Ying <kevinying@google.com>Thu May 09 20:57:27 2024 +0000
committerKevin Ying <kevinying@google.com>Thu Aug 08 23:17:18 2024 +0000
tree227ad9b23a128c50ba47f1db6dbdb7f36dffa763
parent2327a5c0f55008994201abd145e14014f3dcddc3 [diff]
Allow camera HAL to access power_state sysfs

08-03 01:36:52.108   791   791 W TaskPool: type=1400 audit(0.0:125): avc:  denied  { read } for  name="power_state" dev="sysfs" ino=86770 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Bug: 339690296
Test: Open camera, no display avc error
Flag: EXEMPT resource update only
Change-Id: I407c31e0898b07bef0df1b090dbc570f61c49272
Signed-off-by: Kevin Ying <kevinying@google.com>

diff --git a/display/gs101/genfs_contexts b/display/gs101/genfs_contexts
index 99badab..6144af6 100644
--- a/display/gs101/genfs_contexts
+++ b/display/gs101/genfs_contexts

@@ -2,12 +2,14 @@
 genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/panel_name                u:object_r:sysfs_display:s0
 genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/serial_number             u:object_r:sysfs_display:s0
 genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/refresh_rate              u:object_r:sysfs_display:s0
+genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/power_state               u:object_r:sysfs_display:s0
 genfscon sysfs /firmware/devicetree/base/drmdsim@0x1C2C0000/panel@0/compatible                 u:object_r:sysfs_display:s0
 
 genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/backlight                 u:object_r:sysfs_leds:s0
 genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/panel_name                u:object_r:sysfs_display:s0
 genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/serial_number             u:object_r:sysfs_display:s0
 genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/refresh_rate              u:object_r:sysfs_display:s0
+genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/power_state               u:object_r:sysfs_display:s0
 genfscon sysfs /firmware/devicetree/base/drmdsim@0x1C2D0000/panel@0/compatible                 u:object_r:sysfs_display:s0
 
 genfscon sysfs /module/drm/parameters/vblankoffdelay                                           u:object_r:sysfs_display:s0

diff --git a/whitechapel/vendor/google/hal_camera_default.te b/whitechapel/vendor/google/hal_camera_default.te
index b488860..5697afe 100644
--- a/whitechapel/vendor/google/hal_camera_default.te
+++ b/whitechapel/vendor/google/hal_camera_default.te

@@ -91,6 +91,7 @@
 # Allow camera HAL to read backlight of display
 allow hal_camera_default sysfs_leds:dir r_dir_perms;
 allow hal_camera_default sysfs_leds:file r_file_perms;
+allow hal_camera_default sysfs_display:file r_file_perms;
 
 # Allow camera HAL to query interrupts and set interrupt affinity
 allow hal_camera_default proc_irq:dir r_dir_perms;