diff options
| author | Pratham Pratap <quic_ppratap@quicinc.com> | 2023-02-09 16:34:11 +0530 |
|---|---|---|
| committer | alk3pInjection <webmaster@raspii.tech> | 2023-06-13 00:20:25 +0800 |
| commit | 095327168912591119f783cf56511a2b1ab25fcc (patch) | |
| tree | 581eda2441e9caa357cdc48795109a8de2c57766 | |
| parent | b57edf437af2ed337942610ddda1f317cbedaf17 (diff) | |
sepolicy_vndr: Add permission to usb wakeup node of host mode
Currently if the target is in host mode bus suspend and is woke up
by connecting USB peripheral, system_suspend server tries to
read or open or getattr /sys/devices/platform/soc/c440000.qcom,spmi/
spmi-0/spmi0-00/ c440000.qcom,spmi:qcom,pm6150@0:qcom,usb-pdphy@1700/
usbpd/usbpd0/ nodes, it gets a denial as the wakeup nodes are created
dynamically,so when system_suspend tries to access the node it throws a
denial since it never got the permissions for accessing
the wakup nodes.
Following is the denial:
avc: denied { read } for comm="Binder:650_2" name="wakeup18"
dev="sysfs" ino=66695 scontext=u:r:system_suspend:s0
tcontext=u:object_r:vendor_sysfs_usbpd_device:s0 tclass=dir permissive=0
Fix this by creating a new sepolicy file and providing
system_suspend_server the permission of read to
vendor_sysfs_usb_node. This would give permissions to
sysfs_wakeup.
Change-Id: Ib624a90dadabd27044090cc7df0c7eb90a92ec40
| -rw-r--r-- | qva/vendor/common/system_suspend_server.te | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/qva/vendor/common/system_suspend_server.te b/qva/vendor/common/system_suspend_server.te new file mode 100644 index 00000000..093d72b4 --- /dev/null +++ b/qva/vendor/common/system_suspend_server.te @@ -0,0 +1,35 @@ + # Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved. + # + # Redistribution and use in source and binary forms, with or without + # modification, are permitted (subject to the limitations in the + # disclaimer below) provided that the following conditions are met: + # + # * Redistributions of source code must retain the above copyright + # notice, this list of conditions and the following disclaimer. + # + # * Redistributions in binary form must reproduce the above + # copyright notice, this list of conditions and the following + # disclaimer in the documentation and/or other materials provided + # with the distribution. + # + # * Neither the name of Qualcomm Innovation Center, Inc. nor the names of its + # contributors may be used to endorse or promote products derived + # from this software without specific prior written permission. + # + # NO EXPRESS OR IMPLIED LICENSES TO ANY PARTY'S PATENT RIGHTS ARE + # GRANTED BY THIS LICENSE. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT + # HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED + # WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + # MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + # IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR + # ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE + # GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER + # IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN + # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + # + +allow system_suspend_server vendor_sysfs_usbpd_device:dir r_dir_perms; +allow system_suspend_server vendor_sysfs_usbpd_device:file r_file_perms; |