Gitiles
Code Review Sign In
gerrit.omnirom.org / android_device_google_gs101-sepolicy / c025f4915b97e08fc884a491d2c3f7f00db7cfe3^! / .
commitc025f4915b97e08fc884a491d2c3f7f00db7cfe3[log] [tgz]
authorSpade Lee <spadelee@google.com>Fri Nov 01 15:23:25 2024 +0000
committerSpade Lee <spadelee@google.com>Fri Nov 01 18:05:40 2024 +0000
tree21579e75264bcca708bb81d470061d11862a4322
parent541b51e17b031ad3ca99769328c4d941f2c70f8a [diff]
sepolicy: allow dump_power to read debugfs

11-01 11:59:42.836 11781 11781 W dump_power: type=1400 audit(0.0:46): avc:  denied  { search } for  name="usb" dev="debugfs" ino=2059 scontext=u:r:dump_power:s0 tcontext=u:object_r:vendor_usb_debugfs:s0 tclass=dir permissive=0
11-01 11:59:42.844 11781 11781 W dump_power: type=1400 audit(0.0:47): avc:  denied  { search } for  name="google_battery" dev="debugfs" ino=18509 scontext=u:r:dump_power:s0 tcontext=u:object_r:vendor_battery_debugfs:s0 tclass=dir permissive=0
11-01 11:59:42.844 11781 11781 W dump_power: type=1400 audit(0.0:48): avc:  denied  { read } for  name="maxfg" dev="debugfs" ino=16428 scontext=u:r:dump_power:s0 tcontext=u:object_r:vendor_maxfg_debugfs:s0 tclass=dir permissive=0
11-01 11:59:42.844 11781 11781 W dump_power: type=1400 audit(0.0:49): avc:  denied  { read } for  name="/" dev="debugfs" ino=1 scontext=u:r:dump_power:s0 tcontext=u:object_r:debugfs:s0 tclass=dir permissive=0
11-01 11:59:42.844 11781 11781 W dump_power: type=1400 audit(0.0:50): avc:  denied  { read } for  name="/" dev="debugfs" ino=1 scontext=u:r:dump_power:s0 tcontext=u:object_r:debugfs:s0 tclass=dir permissive=0
11-01 11:59:42.844 11781 11781 W dump_power: type=1400 audit(0.0:51): avc:  denied  { read } for  name="/" dev="debugfs" ino=1 scontext=u:r:dump_power:s0 tcontext=u:object_r:debugfs:s0 tclass=dir permissive=0

Bug: 376080915
Test: adb bugreport without audit
Flag: EXEMPT bugfix
Change-Id: I7ae11300cd45f7e8c05c0dcf46d5dfda5c777400
Signed-off-by: Spade Lee <spadelee@google.com>

diff --git a/whitechapel/vendor/google/dump_power.te b/whitechapel/vendor/google/dump_power.te
index d745b20..cf7c14e 100644
--- a/whitechapel/vendor/google/dump_power.te
+++ b/whitechapel/vendor/google/dump_power.te

@@ -13,3 +13,12 @@
 allow dump_power mitigation_vendor_data_file:file r_file_perms;
 allow dump_power sysfs_bcl:dir r_dir_perms;
 allow dump_power sysfs_bcl:file r_file_perms;
+
+userdebug_or_eng(`
+  r_dir_file(dump_power, vendor_battery_debugfs)
+  r_dir_file(dump_power, vendor_maxfg_debugfs)
+  r_dir_file(dump_power, vendor_charger_debugfs)
+  r_dir_file(dump_power, vendor_votable_debugfs)
+  allow dump_power debugfs:dir r_dir_perms;
+  allow dump_power vendor_usb_debugfs:dir { search };
+')