Gitiles
Code Review Sign In
LeafOS / LeafOS-Devices / android_device_mediatek_sepolicy / 867c2d975c01901ba468ef267192a8695ad07164^! / .
commit867c2d975c01901ba468ef267192a8695ad07164[log] [tgz]
authorSamarV-121 <samarvispute121@pm.me>Tue Sep 13 18:58:52 2022 +0530
committerSamarV-121 <samarvispute121@pm.me>Sat Sep 17 17:57:47 2022 +0530
treea2136c3db71a102a98173119f291e861309fbd76
parent80d5256a49fdead58f017cdc44842924755dffe1 [diff]
sepolicy: Allow composer HAL to set vendor_sf_latch_unsignaled_prop

I auditd  : type=1107 audit(0.0:204): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=vendor.debug.sf.latch_unsignaled pid=719 uid=1000 gid=1003 scontext=u:r:hal_graphics_composer_default:s0 tcontext=u:object_r:system_mtk_debug_sf_prop:s0 tclass=property_service permissive=0'

Change-Id: Ibbbfa101ba1c8188a0bf03ecdb6f8e9fb73025f6

diff --git a/basic/non_plat/hal_graphics_composer_default.te b/basic/non_plat/hal_graphics_composer_default.te
index 6dacaa4..eea3c11 100644
--- a/basic/non_plat/hal_graphics_composer_default.te
+++ b/basic/non_plat/hal_graphics_composer_default.te

@@ -75,3 +75,4 @@
 # Purpose: Add permission for simplehwc reading dmabuf_system_secure_heap_device
 allow hal_graphics_composer_default dmabuf_system_secure_heap_device:chr_file r_file_perms_no_map;
 
+set_prop(hal_graphics_composer_default, vendor_sf_latch_unsignaled_prop)

diff --git a/basic/non_plat/property.te b/basic/non_plat/property.te
index 46f530d..06da2d4 100644
--- a/basic/non_plat/property.te
+++ b/basic/non_plat/property.te

@@ -125,6 +125,7 @@
 vendor_restricted_prop(vendor_mtk_crossmount_prop)
 vendor_restricted_prop(vendor_mtk_deinterlace_prop)
 vendor_restricted_prop(vendor_mtk_omx_core_prop)
+vendor_restricted_prop(vendor_sf_latch_unsignaled_prop)
 
 # Properties with can be read by all domains
 typeattribute vendor_mtk_aal_ro_prop                 mtk_core_property_type;
@@ -205,3 +206,4 @@
 typeattribute vendor_mtk_crossmount_prop             mtk_core_property_type;
 typeattribute vendor_mtk_deinterlace_prop            mtk_core_property_type;
 typeattribute vendor_mtk_omx_core_prop               mtk_core_property_type;
+typeattribute vendor_sf_latch_unsignaled_prop        mtk_core_property_type;

diff --git a/basic/non_plat/property_contexts b/basic/non_plat/property_contexts
index c2c46e6..fecfe2d 100644
--- a/basic/non_plat/property_contexts
+++ b/basic/non_plat/property_contexts

@@ -387,3 +387,4 @@
 mtk.vendor.omx.core.log         u:object_r:vendor_mtk_omx_core_prop:s0
 ro.mtk_crossmount_support       u:object_r:vendor_mtk_crossmount_prop:s0
 ro.mtk_deinterlace_support      u:object_r:vendor_mtk_deinterlace_prop:s0
+vendor.debug.sf.latch_unsignaled u:object_r:vendor_sf_latch_unsignaled_prop:s0