From 854c54400c841aa27a5690716a415a4824531e86 Mon Sep 17 00:00:00 2001 From: Mukul Dhir Date: Sun, 15 Oct 2023 16:22:34 +0000 Subject: [PATCH] sdm710-common: sepolicy: Allow init to write to proc 01-01 02:13:02.803 344 344 I hwservicemanager: Since android.hardware.keymaster@3.0::IKeymasterDevice/default is not registered, trying to start it as a lazy HAL. 01-01 02:13:02.804 371 371 I HidlServiceManagement: getService: Trying again for android.hardware.keymaster@3.0::IKeymasterDevice/default... 01-01 02:13:02.930 1 1 I init : type=1400 audit(0.0:37): avc: denied { write } for name="dirty_background_bytes" dev="proc" ino=12937 scontext=u:r:init:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=1 01-01 02:13:02.953 1 1 I init : type=1400 audit(0.0:38): avc: denied { write } for name="discard_max_bytes" dev="sysfs" ino=20778 scontext=u:r:init:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 01-01 02:13:02.953 1 1 I init : type=1400 audit(0.0:39): avc: denied { open } for path="/sys/devices/soc.0/f9824900.sdhci/mmc_host/mmc0/mmc0:0001/block/mmcblk0/queue/discard_max_bytes" dev="sysfs" ino=20778 scontext=u:r:init:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 Change-Id: I0283d0744619d82867318879152cd6fbfca094aa --- sepolicy/vendor/init.te | 1 + 1 file changed, 1 insertion(+) diff --git a/sepolicy/vendor/init.te b/sepolicy/vendor/init.te index aace085..ded3129 100644 --- a/sepolicy/vendor/init.te +++ b/sepolicy/vendor/init.te @@ -6,3 +6,4 @@ allow init self:rawip_socket create_socket_perms_no_ioctl; allow init socket_device:sock_file { unlink setattr create }; allow init debugfs_tracing_debug:dir mounton; +allow init proc:file write;