From 373e2fc7e22fa0224118e84afd0dd1e5013331bc Mon Sep 17 00:00:00 2001
From: orgesified <me@orgesified.ml>
Date: Thu, 1 Oct 2020 17:11:35 +0300
Subject: [PATCH] sdm660-common: sepolicy: Silence logspam

Co-authored-by: Jarl-Penguin <jarlpenguin@outlook.com>
Change-Id: Iea2d0ec097c4e33a038ce05fba801364c2e8a381
---
 sepolicy/vendor/fsck.te          |  1 +
 sepolicy/vendor/ims.te           |  1 +
 sepolicy/vendor/radio.te         | 15 +++++++++++++++
 sepolicy/vendor/system_server.te |  2 ++
 sepolicy/vendor/traced_probes.te |  1 +
 5 files changed, 20 insertions(+)
 create mode 100644 sepolicy/vendor/fsck.te
 create mode 100644 sepolicy/vendor/ims.te
 create mode 100644 sepolicy/vendor/traced_probes.te

diff --git a/sepolicy/vendor/fsck.te b/sepolicy/vendor/fsck.te
new file mode 100644
index 00000000..53da22d8
--- /dev/null
+++ b/sepolicy/vendor/fsck.te
@@ -0,0 +1 @@
+dontaudit fsck self:capability { dac_override dac_read_search };
diff --git a/sepolicy/vendor/ims.te b/sepolicy/vendor/ims.te
new file mode 100644
index 00000000..23178ef3
--- /dev/null
+++ b/sepolicy/vendor/ims.te
@@ -0,0 +1 @@
+dontaudit ims diag_device:chr_file { read write };
diff --git a/sepolicy/vendor/radio.te b/sepolicy/vendor/radio.te
index 51fb2c0c..6cca9efa 100644
--- a/sepolicy/vendor/radio.te
+++ b/sepolicy/vendor/radio.te
@@ -3,3 +3,18 @@ binder_call(radio, cnd)
 binder_call(radio, hal_imsrtp)
 allow radio { cameraserver_service mediaextractor_service mediaserver_service mediametrics_service drmserver_service audioserver_service }:service_manager find;
 get_prop(radio, qcom_ims_prop)
+
+dontaudit {
+    cnd
+    netmgrd
+    qti
+    adpl
+    hal_audio_default
+    rild
+    hal_imsrtp
+    hal_rcsservice
+    hal_sensors_default
+    hal_graphics_composer_default
+    sensors
+    vendor_dpmd
+} diag_device:chr_file { read write };
diff --git a/sepolicy/vendor/system_server.te b/sepolicy/vendor/system_server.te
index ca6c09da..47add3f9 100644
--- a/sepolicy/vendor/system_server.te
+++ b/sepolicy/vendor/system_server.te
@@ -15,6 +15,8 @@ allow system_server vendor_keylayout_file:dir search;
 allow system_server vendor_keylayout_file:file r_file_perms;
 allow system_server zygote:process { getpgid };
 
+dontaudit system_server sysfs:file { read open getattr };
+
 get_prop(system_server, exported_camera_prop)
 get_prop(system_server, userspace_reboot_config_prop)
 get_prop(system_server, userspace_reboot_exported_prop)
diff --git a/sepolicy/vendor/traced_probes.te b/sepolicy/vendor/traced_probes.te
new file mode 100644
index 00000000..b10064fe
--- /dev/null
+++ b/sepolicy/vendor/traced_probes.te
@@ -0,0 +1 @@
+dontaudit traced_probes debugfs_tracing_debug:file { read open getattr };