msm8226-common: sepolicy: Label sysfs_sensors, resolve denials

* avc: denied { read } for name="ssp_sensor" dev="sysfs" ino=27809 scontext=u:r:init:s0 tcontext=u:object_r:sysfs_sensors:s0 tclass=lnk_file permissive=1 * avc: denied { setattr } for name="temperature" dev="sysfs" ino=10861 scontext=u:r:init:s0 tcontext=u:object_r:sysfs_sensors:s0 tclass=file permissive=0 Change-Id: I2e4a436704ed019af153da880d7becbde4b0ab11
2024-11-06 21:55:45 +00:00 · 2018-11-14 20:08:14 -07:00 · 2018-11-14 20:08:14 -07:00 · c75b3abe8d
commit c75b3abe8d
parent 5bc5db2267
2 changed files with 6 additions and 1 deletions
--- a/sepolicy/common/file_contexts
+++ b/sepolicy/common/file_contexts
@ -77,3 +77,6 @@
 /sys/devices/virtual/sec/sec_touchkey(/.*)?             u:object_r:sysfs_sec_touchkey:s0
 /sys/devices/virtual/sec/switch(/.*)?                   u:object_r:sysfs_sec_switch:s0
 /sys/devices/virtual/sec/tsp(/.*)?                      u:object_r:sysfs_sec_tsp:s0
+
+# sysfs - sensors
+/sys/devices/virtual/sensors(/.*)?                      u:object_r:sysfs_sensors:s0
--- a/sepolicy/common/init.te
+++ b/sepolicy/common/init.te
@ -1,6 +1,7 @@
 allow init {
    sysfs_iio
    sysfs_sec_tsp
+    sysfs_sensors
 }:lnk_file read;

 allow init sysfs_input:file rw_file_perms;
@ -22,7 +23,8 @@ allow init {
    sysfs_sec_switch
    sysfs_sec_thermistor
    sysfs_sec_touchkey
-    sysfs_sec_tsp    
+    sysfs_sec_tsp
+    sysfs_sensors
 }:file setattr;

 allow init {