sdm660-common: sepolicy: Label /dev/stune(/.*) as cgroup

* avc: denied { write } for comm="adb_root" name="tasks" dev="tmpfs" ino=5693 scontext=u:r:adbroot:s0 tcontext=u:object_r:device:s0 tclass=file permissive=0 * avc: denied { open } for comm="adb_root" name="tasks" dev="tmpfs" ino=5693 scontext=u:r:adbroot:s0 tcontext=u:object_r:device:s0 tclass=file permissive=0 * avc: denied { write } for comm="installd" name="tasks" dev="tmpfs" ino=5693 scontext=u:r:installd:s0 tcontext=u:object_r:device:s0 tclass=file permissive=0 * avc: denied { open } for comm="installd" name="tasks" dev="tmpfs" ino=5693 scontext=u:r:installd:s0 tcontext=u:object_r:device:s0 tclass=file permissive=0 * avc: denied { write } for comm="netd" name="tasks" dev="tmpfs" ino=5693 scontext=u:r:netd:s0 tcontext=u:object_r:device:s0 tclass=file permissive=0 * avc: denied { open } for comm="netd" name="tasks" dev="tmpfs" ino=5693 scontext=u:r:netd:s0 tcontext=u:object_r:device:s0 tclass=file permissive=0 * avc: denied { write } for comm="storaged" name="tasks" dev="tmpfs" ino=5693 scontext=u:r:storaged:s0 tcontext=u:object_r:device:s0 tclass=file permissive=0 * avc: denied { open } for comm="storaged" name="tasks" dev="tmpfs" ino=5693 scontext=u:r:storaged:s0 tcontext=u:object_r:device:s0 tclass=file permissive=0 * avc: denied { write } for comm="apexd" name="tasks" dev="tmpfs" ino=5693 scontext=u:r:apexd:s0 tcontext=u:object_r:device:s0 tclass=file permissive=0 Change-Id: Idc69978328640ff40ad5efe2f0abd79304e75893 Signed-off-by: clarencelol <clarencekuiek@icloud.com> Signed-off-by: pix106 <sbordenave@gmail.com>
2022-09-23 19:58:07 +08:00 · 2022-09-23 19:58:07 +08:00 · c4050270fd
commit c4050270fd
parent 717057c76c
1 changed files with 3 additions and 0 deletions
--- a/sepolicy/vendor/file_contexts
+++ b/sepolicy/vendor/file_contexts
@ -12,6 +12,9 @@
 /dev/blkio(/.*)?                                                                                                                  u:object_r:blkio_dev:s0
 /dev/blkio/background(/.*)?                                                                                                       u:object_r:blkio_dev:s0

+# Device nodes
+/dev/stune(/.*)?	                                                                                                           u:object_r:cgroup:s0
+
 # Executables
 /vendor/bin/sh                                                                                                                    u:object_r:vendor_shell_exec:s0