diff options
| author | ThiƩbaud Weksteen <tweek@google.com> | 2022-01-23 23:36:19 +0000 |
|---|---|---|
| committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2022-01-23 23:36:19 +0000 |
| commit | 2018ec7e5059f2a7afdf0a470fb083373864486c (patch) | |
| tree | 1c3e007b329313a63fe4188ccced80c435651874 | |
| parent | 94d5af4b139f6fb78b3963e96e2ef1ef146b5e80 (diff) | |
| parent | a52bdb164e2ebe1d270022b9a0235382f575b5e7 (diff) | |
| download | pixel-sepolicy-2018ec7e5059f2a7afdf0a470fb083373864486c.tar.gz | |
Ignore cpuinfo properties am: ac00f38a4d am: a52bdb164e
Original change: https://android-review.googlesource.com/c/platform/hardware/google/pixel-sepolicy/+/1951040
Change-Id: Ifd68cd665d56d1a8bd5223fc801018fe7cd44a5a
| -rw-r--r-- | common/system_ext/property.te | 6 | ||||
| -rw-r--r-- | common/system_ext/property_contexts | 3 | ||||
| -rw-r--r-- | common/vendor/file.te (renamed from common/file.te) | 0 | ||||
| -rw-r--r-- | common/vendor/file_contexts (renamed from common/file_contexts) | 0 | ||||
| -rw-r--r-- | common/vendor/genfs_contexts (renamed from common/genfs_contexts) | 0 | ||||
| -rw-r--r-- | common/vendor/vendor_init.te (renamed from common/vendor_init.te) | 0 | ||||
| -rw-r--r-- | input/hal_input_classifier.te | 2 |
7 files changed, 9 insertions, 2 deletions
diff --git a/common/system_ext/property.te b/common/system_ext/property.te new file mode 100644 index 0000000..deb247a --- /dev/null +++ b/common/system_ext/property.te @@ -0,0 +1,6 @@ +# Apps using TensorFlow rely on cpuinfo to precisely detect the SoC. cpuinfo +# inspects multiple system properties such as ro.chipname which trigger a +# denial. These properties are not populated on Pixel, simply ignore any +# access. See b/210056469. +system_internal_prop(deprecated_soc_prop) +dontaudit domain deprecated_soc_prop:file *; diff --git a/common/system_ext/property_contexts b/common/system_ext/property_contexts new file mode 100644 index 0000000..0d8f321 --- /dev/null +++ b/common/system_ext/property_contexts @@ -0,0 +1,3 @@ +ro.chipname u:object_r:deprecated_soc_prop:s0 exact string +ro.hardware.chipname u:object_r:deprecated_soc_prop:s0 exact string +ro.mediatek.platform u:object_r:deprecated_soc_prop:s0 exact string diff --git a/common/file.te b/common/vendor/file.te index 8fb41bc..8fb41bc 100644 --- a/common/file.te +++ b/common/vendor/file.te diff --git a/common/file_contexts b/common/vendor/file_contexts index 0adc634..0adc634 100644 --- a/common/file_contexts +++ b/common/vendor/file_contexts diff --git a/common/genfs_contexts b/common/vendor/genfs_contexts index d762381..d762381 100644 --- a/common/genfs_contexts +++ b/common/vendor/genfs_contexts diff --git a/common/vendor_init.te b/common/vendor/vendor_init.te index 7299a26..7299a26 100644 --- a/common/vendor_init.te +++ b/common/vendor/vendor_init.te diff --git a/input/hal_input_classifier.te b/input/hal_input_classifier.te deleted file mode 100644 index 3f377ca..0000000 --- a/input/hal_input_classifier.te +++ /dev/null @@ -1,2 +0,0 @@ -# b/168431339 -dontaudit hal_input_classifier_default default_prop:file *; |