sepolicy_vndr: suppress xdsp denial.

Change-Id: Ie33815a9fbf1b4b8ee7b7acdfdeae896805fae1c
author: Rui Wang <ruiwan@codeaurora.org> 2021-10-12 13:17:02 +0800
committer: Gerrit - the friendly Code Review server <code-review@localhost> 2021-10-11 22:36:08 -0700
commit: 182ddd2394eacdc3acf5b5a9b364fb84327d25cb (patch)
tree: 77092203491f051edc06c748254b2918a6b578d6
parent: 9e1dcf7de58b79a34690b9ece62a8b8f8ef66f92 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/qva/vendor/common/vppservice.te b/qva/vendor/common/vppservice.te
index bf73e3c4..cecc3e98 100644..100755
--- a/qva/vendor/common/vppservice.te
+++ b/qva/vendor/common/vppservice.te
@@ -57,6 +57,10 @@ allow vendor_vppservice ion_device:chr_file rw_file_perms;
 allow vendor_vppservice video_device:chr_file rw_file_perms;
 allow vendor_vppservice vendor_qdsp_device:chr_file r_file_perms;
 allow vendor_vppservice gpu_device:chr_file rw_file_perms;
+
+# suppress xdsp denial, since it is expected
+dontaudit vendor_vppservice vendor_xdsp_device:chr_file { open read ioctl };
+
 # allow vppservice to access dsp read_prop
 get_prop(vendor_vppservice, vendor_adsprpc_prop)
author	Rui Wang <ruiwan@codeaurora.org>	2021-10-12 13:17:02 +0800
committer	Gerrit - the friendly Code Review server <code-review@localhost>	2021-10-11 22:36:08 -0700
commit	182ddd2394eacdc3acf5b5a9b364fb84327d25cb (patch)
tree	77092203491f051edc06c748254b2918a6b578d6
parent	9e1dcf7de58b79a34690b9ece62a8b8f8ef66f92 (diff)