diff options
author | Joel Galenson <jgalenson@google.com> | 2018-03-19 14:32:02 -0700 |
---|---|---|
committer | Joel Galenson <jgalenson@google.com> | 2018-03-19 14:36:32 -0700 |
commit | b774d729321c146220b5186dd3b17833c89e76b9 (patch) | |
tree | b59e573a6d62f74159bb2c5ce581e050cf46907f /sepolicy | |
parent | dd2b49353d6e0fe149a5e782e6cda02c9cb52195 (diff) | |
download | bonito-b774d729321c146220b5186dd3b17833c89e76b9.tar.gz |
Hide and label unwanted denials.
Occasionally hal_graphics_composer_default tries to load some aes
crypto modules. Shortly after boot, a priv_app tries to read zygote's
stat file.
Bug: 72643420
Bug: 72749888
Test: Booted device and checked denials. Tested wifi.
Change-Id: I095b0a78ce737daf4445221514ba4b8ce400d700
Diffstat (limited to 'sepolicy')
-rw-r--r-- | sepolicy/vendor/bug_map | 1 | ||||
-rw-r--r-- | sepolicy/vendor/hal_graphics_composer_default.te | 2 |
2 files changed, 3 insertions, 0 deletions
diff --git a/sepolicy/vendor/bug_map b/sepolicy/vendor/bug_map index a659670f..5c9c2540 100644 --- a/sepolicy/vendor/bug_map +++ b/sepolicy/vendor/bug_map @@ -7,5 +7,6 @@ cnd system_data_file file 73994924 init cgroup file 74182216 netd netd capability 73947368 priv_app sysfs file 72749888 +priv_app zygote dir 72749888 sensors sensors capability 74548718 zygote cgroup file 74182216 diff --git a/sepolicy/vendor/hal_graphics_composer_default.te b/sepolicy/vendor/hal_graphics_composer_default.te index 8cc6b1d3..10907aaa 100644 --- a/sepolicy/vendor/hal_graphics_composer_default.te +++ b/sepolicy/vendor/hal_graphics_composer_default.te @@ -38,3 +38,5 @@ userdebug_or_eng(` allow hal_graphics_composer_default debugfs_mdp:dir r_dir_perms; allow hal_graphics_composer_default debugfs_mdp:file r_file_perms; ') + +dontaudit hal_graphics_composer_default kernel:system module_request; |