Merge "sepolicy_vndr: suppress xdsp denial."

author: qctecmdr <qctecmdr@localhost> 2021-10-21 02:43:29 -0700
committer: Gerrit - the friendly Code Review server <code-review@localhost> 2021-10-21 02:43:29 -0700
commit: d3b3dd6472df3c35973b35e616a119a30e31251b (patch)
tree: a13e8023c2ad37f05179d02c99cf5c4cc70da63b
parent: a0b37c2922f83d856473daa3ff00f2650211f249 (diff)
parent: 182ddd2394eacdc3acf5b5a9b364fb84327d25cb (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/qva/vendor/common/vppservice.te b/qva/vendor/common/vppservice.te
index bf73e3c4..cecc3e98 100644..100755
--- a/qva/vendor/common/vppservice.te
+++ b/qva/vendor/common/vppservice.te
@@ -57,6 +57,10 @@ allow vendor_vppservice ion_device:chr_file rw_file_perms;
 allow vendor_vppservice video_device:chr_file rw_file_perms;
 allow vendor_vppservice vendor_qdsp_device:chr_file r_file_perms;
 allow vendor_vppservice gpu_device:chr_file rw_file_perms;
+
+# suppress xdsp denial, since it is expected
+dontaudit vendor_vppservice vendor_xdsp_device:chr_file { open read ioctl };
+
 # allow vppservice to access dsp read_prop
 get_prop(vendor_vppservice, vendor_adsprpc_prop)
author	qctecmdr <qctecmdr@localhost>	2021-10-21 02:43:29 -0700
committer	Gerrit - the friendly Code Review server <code-review@localhost>	2021-10-21 02:43:29 -0700
commit	d3b3dd6472df3c35973b35e616a119a30e31251b (patch)
tree	a13e8023c2ad37f05179d02c99cf5c4cc70da63b
parent	a0b37c2922f83d856473daa3ff00f2650211f249 (diff)
parent	182ddd2394eacdc3acf5b5a9b364fb84327d25cb (diff)