diff options
| author | jaejyn.shin <jaejyn.shin@lge.com> | 2015-06-24 16:46:05 +0900 |
|---|---|---|
| committer | Thierry Strudel <tstrudel@google.com> | 2015-06-30 23:16:24 +0000 |
| commit | 1fb2d0aa387e94dff82d70f5416b3d17857f84f6 (patch) | |
| tree | b8fff0f07b466f75c0df4c19b14c004e4e545e9e /sepolicy/file_contexts | |
| parent | 85e3b33876a1fab0ff69db58e2a858f928b20da7 (diff) | |
| download | bullhead-1fb2d0aa387e94dff82d70f5416b3d17857f84f6.tar.gz | |
bullhead/sepolicy: domain transition in init to bullhead-sh and allow denails
init: Warning! Service bullhead-sh needs a SELinux domain defined; please fix!
avc: denied { create } for pid=559 comm="cp" name="mcfg_sw.mbn" scontext=u:r:bullhead-sh:s0 tcontext=u:object_r:radio_data_file:s0 tclass=file permissive=1
avc: denied { read write open } for pid=559 comm="cp" path="/data/misc/radio/modem_config/mcfg_sw/generic/apac/airtel/commerci/mcfg_sw.mbn" dev="mmcblk0p45" ino=32746 scontext=u:r:bullhead-sh:s0 tcontext=u:object_r:radio_data_file:s0 tclass=file permissive=1
avc: denied { getattr } for pid=612 comm="chown" path="/data/misc/radio/modem_config/mcfg_sw/generic/apac/airtel/commerci/mcfg_sw.mbn" dev="mmcblk0p45" ino=32746 scontext=u:r:bullhead-sh:s0 tcontext=u:object_r:radio_data_file:s0 tclass=file permissive=1
avc: denied { setattr } for pid=612 comm="chown" name="mcfg_sw.mbn" dev="mmcblk0p45" ino=32746 scontext=u:r:bullhead-sh:s0 tcontext=u:object_r:radio_data_file:s0 tclass=file permissive=1
avc: denied { getattr } for pid=559 comm="cp" path="/firmware/image/modem_pr/mcfg/configs/mcfg_sw/generic/apac/airtel/commerci/mcfg_sw.mbn" dev="mmcblk0p1" ino=39 scontext=u:r:bullhead-sh:s0 tcontext=u:object_r:firmware_file:s0 tclass=file permissive=1
avc: denied { read } for pid=559 comm="cp" name="mcfg_sw.mbn" dev="mmcblk0p1" ino=39 scontext=u:r:bullhead-sh:s0 tcontext=u:object_r:firmware_file:s0 tclass=file permissive=1
avc: denied { open } for pid=559 comm="cp" path="/firmware/image/modem_pr/mcfg/configs/mcfg_sw/generic/apac/airtel/commerci/mcfg_sw.mbn" dev="mmcblk0p1" ino=39 scontext=u:r:bullhead-sh:s0 tcontext=u:object_r:firmware_file:s0 tclass=file permissive=1
avc: denied { chown } for pid=612 comm="chown" capability=0 scontext=u:r:bullhead-sh:s0 tcontext=u:r:bullhead-sh:s0 tclass=capability permissive=1
avc: denied { read } for pid=455 comm="init.bullhead.s" path="/system/bin/sh" dev="dm-0" ino=509 scontext=u:r:bullhead-sh:s0 tcontext=u:object_r:shell_exec:s0 tclass=file permissive=1
avc: denied { write } for pid=461 comm="mkdir" name="radio" dev="mmcblk0p45" ino=32713 scontext=u:r:bullhead-sh:s0 tcontext=u:object_r:radio_data_file:s0 tclass=dir permissive=1
avc: denied { add_name } for pid=461 comm="mkdir" name="modem_config" scontext=u:r:bullhead-sh:s0 tcontext=u:object_r:radio_data_file:s0 tclass=dir permissive=1
avc: denied { create } for pid=461 comm="mkdir" name="modem_config" scontext=u:r:bullhead-sh:s0 tcontext=u:object_r:radio_data_file:s0 tclass=dir permissive=1
avc: denied { getattr } for pid=489 comm="chmod" path="/data/misc/radio/modem_config" dev="mmcblk0p45" ino=32736 scontext=u:r:bullhead-sh:s0 tcontext=u:object_r:radio_data_file:s0 tclass=dir permissive=1
avc: denied { setattr } for pid=489 comm="chmod" name="modem_config" dev="mmcblk0p45" ino=32736 scontext=u:r:bullhead-sh:s0 tcontext=u:object_r:radio_data_file:s0 tclass=dir permissive=1
avc: denied { search } for pid=455 comm="init.bullhead.s" name="modem_pr" dev="mmcblk0p1" ino=15 scontext=u:r:bullhead-sh:s0 tcontext=u:object_r:firmware_file:s0 tclass=dir permissive=1
avc: denied { read } for pid=455 comm="init.bullhead.s" name="configs" dev="mmcblk0p1" ino=18 scontext=u:r:bullhead-sh:s0 tcontext=u:object_r:firmware_file:s0 tclass=dir permissive=1
avc: denied { open } for pid=455 comm="init.bullhead.s" path="/firmware/image/modem_pr/mcfg/configs" dev="mmcblk0p1" ino=18 scontext=u:r:bullhead-sh:s0 tcontext=u:object_r:firmware_file:s0 tclass=dir permissive=1
Change-Id: I4a72cfa8f8ba88a7244533e675efa42aac9ff8a6
Diffstat (limited to 'sepolicy/file_contexts')
| -rw-r--r-- | sepolicy/file_contexts | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index ee2e49a..983f53a 100644 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -100,6 +100,7 @@ /system/bin/imscmservice u:object_r:imscm_exec:s0 /system/bin/cnd u:object_r:cnd_exec:s0 /system/bin/init.bullhead.power.sh u:object_r:init-power-sh_exec:s0 +/system/bin/init.bullhead.sh u:object_r:bullhead-sh_exec:s0 # Sysfs files used by qmuxd /sys/devices/virtual/smdpkt/smdcntl([0-9])+/open_timeout u:object_r:sysfs_smdcntl_open_timeout:s0 |