PWN-Hunter/android_system_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Allow recovery to read thermal info on sailfish

Browse Source 
Encountered more denials on sailfish:

avc:  denied  { read } for  pid=439 comm="recovery" name="thermal"
dev="sysfs" ino=28516 scontext=u:r:recovery:s0
tcontext=u:object_r:sysfs_thermal:s0 tclass=dir permissive=0

avc:  denied  { read } for  pid=441 comm="recovery"
name="thermal_zone9" dev="sysfs" ino=40364 scontext=u:r:recovery:s0
tcontext=u:object_r:sysfs_thermal:s0 tclass=lnk_file permissive=0

Bug: 36920500
Test: sideload a package in sailfish
(cherry picked from commit b4e4565d58)

Change-Id: I46b14babd47168e87c0d30ec06281aaa237563bf
This commit is contained in:
Tianjie Xu 2017-04-14 14:06:22 -07:00
parent 20c2d4e98c
commit 71bccc7a74
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
public/recovery.te
View File

@ -93,8 +93,7 @@ recovery_only(`
allow recovery { cache_file cache_recovery_file }:file create_file_perms;
# Read /sys/class/thermal/*/temp for thermal info.
allow recovery sysfs_thermal:dir search;
allow recovery sysfs_thermal:file r_file_perms;
r_dir_file(recovery, sysfs_thermal)
# Read files on /oem.
r_dir_file(recovery, oemfs);