PWN-Hunter/android_system_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

recovery.te: Allow writing to sysfs_devices_system_cpu.

Browse Source 
recovery (update_binary) may need to set up cpufreq during an update.

avc:  denied  { write } for  pid=335 comm="update_binary" name="scaling_max_freq" dev="sysfs" ino=7410 scontext=u:r:recovery:s0 tcontext=u:object_r:sysfs_devices_system_cpu:s0 tclass=file permissive=0

Bug: 32463933
Test: Build a recovery image and apply an OTA package that writes to
      /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq.

Change-Id: Ia90af9dd15e162dd94bcd4722b66aa296e3058c5
This commit is contained in:
Tao Bao 2016-11-22 13:53:01 -08:00
parent 747c69f43c
commit ee7960c05d
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
public/recovery.te
View File

@ -51,6 +51,9 @@ recovery_only(`
# TODO: create more specific label?
allow recovery sysfs:file w_file_perms;
# Write to /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq.
allow recovery sysfs_devices_system_cpu:file w_file_perms;
allow recovery sysfs_batteryinfo:file r_file_perms;
allow recovery kernel:system syslog_read;