From 44a9deba14be06ec7e8c8ea82359ba011cfb212a Mon Sep 17 00:00:00 2001 From: Machad3x Date: Sat, 8 Feb 2025 10:05:46 -0400 Subject: [PATCH] sm8550-common: sepolicy: Address Health HAL denials 02-08 08:14:53.013 1301 1301 W android.hardwar: type=1400 audit(0.0:5781): avc: denied { read } for name="type" dev="sysfs" ino=131672 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0 02-08 09:37:59.333 1312 1312 W android.hardwar: type=1400 audit(0.0:4052): avc: denied { open } for path="/sys/devices/platform/soc/9c0000.qcom,qupv3_i2c_geni_se/9a0000.i2c/i2c-38/38-0066/max77705-charger/power_supply/max77705-charger/type" dev="sysfs" ino=132029 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0 02-08 09:37:59.333 1312 1312 W android.hardwar: type=1400 audit(0.0:4053): avc: denied { open } for path="/sys/devices/platform/soc/9c0000.qcom,qupv3_i2c_geni_se/9a0000.i2c/i2c-38/38-0057/power_supply/pca9481-charger/type" dev="sysfs" ino=122512 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0 02-08 09:37:59.333 1312 1312 W android.hardwar: type=1400 audit(0.0:4054): avc: denied { open } for path="/sys/devices/platform/soc/9c0000.qcom,qupv3_i2c_geni_se/9a0000.i2c/i2c-38/38-0066/max77705-charger/power_supply/max77705-otg/type" dev="sysfs" ino=132066 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0 02-08 09:37:59.333 1312 1312 W android.hardwar: type=1400 audit(0.0:4055): avc: denied { open } for path="/sys/devices/platform/soc/9c0000.qcom,qupv3_i2c_geni_se/994000.i2c/i2c-37/37-0038/power_supply/mfc-charger/type" dev="sysfs" ino=118249 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0 02-08 09:37:59.333 1312 1312 W android.hardwar: type=1400 audit(0.0:4056): avc: denied { open } for path="/sys/devices/platform/soc/9c0000.qcom,qupv3_i2c_geni_se/9a0000.i2c/i2c-38/38-0066/max77705-fuelgauge/power_supply/max77705-fuelgauge/type" dev="sysfs" ino=130125 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0 02-08 09:37:59.337 1312 1312 W android.hardwar: type=1400 audit(0.0:4057): avc: denied { open } for path="/sys/devices/platform/soc/9c0000.qcom,qupv3_i2c_geni_se/9a0000.i2c/i2c-38/38-0066/max77705-charger/power_supply/max77705-charger/type" dev="sysfs" ino=132029 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0 22 --- sepolicy/vendor/hal_health_default.te | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sepolicy/vendor/hal_health_default.te b/sepolicy/vendor/hal_health_default.te index 0c5b4d2..824ac0c 100644 --- a/sepolicy/vendor/hal_health_default.te +++ b/sepolicy/vendor/hal_health_default.te @@ -9,3 +9,5 @@ allow hal_health_default sysfs_wakeup:file r_file_perms; # Allow Thermal service to access the health HAL allow hal_health_default hal_thermal_samsung_hwservice:hwservice_manager find; binder_call(hal_health_default, hal_thermal_default) + +allow hal_health_default sysfs:file { getattr open read };