diff options
| author | ThiƩbaud Weksteen <tweek@google.com> | 2022-01-23 23:45:27 +0000 |
|---|---|---|
| committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2022-01-23 23:45:27 +0000 |
| commit | 16bb8e44d93a8b01cb1ce0497ccbf3eab3821e87 (patch) | |
| tree | 5ba8b1cbe003419b67e5e5f7fd3bbb1346036df5 | |
| parent | c392bf803e2893b49ee00dbd55d267d462b66952 (diff) | |
| parent | 2018ec7e5059f2a7afdf0a470fb083373864486c (diff) | |
Ignore cpuinfo properties am: ac00f38a4d am: a52bdb164e am: 2018ec7e50
Original change: https://android-review.googlesource.com/c/platform/hardware/google/pixel-sepolicy/+/1951040
Change-Id: I7acfe5024d8d17ce3b7c3b0793ee32a204be0f8a
| -rw-r--r-- | common/system_ext/property.te | 6 | ||||
| -rw-r--r-- | common/system_ext/property_contexts | 3 | ||||
| -rw-r--r-- | common/vendor/file.te (renamed from common/file.te) | 0 | ||||
| -rw-r--r-- | common/vendor/file_contexts (renamed from common/file_contexts) | 0 | ||||
| -rw-r--r-- | common/vendor/genfs_contexts (renamed from common/genfs_contexts) | 0 | ||||
| -rw-r--r-- | common/vendor/vendor_init.te (renamed from common/vendor_init.te) | 0 | ||||
| -rw-r--r-- | input/hal_input_classifier.te | 2 |
7 files changed, 9 insertions, 2 deletions
diff --git a/common/system_ext/property.te b/common/system_ext/property.te new file mode 100644 index 0000000..deb247a --- /dev/null +++ b/common/system_ext/property.te @@ -0,0 +1,6 @@ +# Apps using TensorFlow rely on cpuinfo to precisely detect the SoC. cpuinfo +# inspects multiple system properties such as ro.chipname which trigger a +# denial. These properties are not populated on Pixel, simply ignore any +# access. See b/210056469. +system_internal_prop(deprecated_soc_prop) +dontaudit domain deprecated_soc_prop:file *; diff --git a/common/system_ext/property_contexts b/common/system_ext/property_contexts new file mode 100644 index 0000000..0d8f321 --- /dev/null +++ b/common/system_ext/property_contexts @@ -0,0 +1,3 @@ +ro.chipname u:object_r:deprecated_soc_prop:s0 exact string +ro.hardware.chipname u:object_r:deprecated_soc_prop:s0 exact string +ro.mediatek.platform u:object_r:deprecated_soc_prop:s0 exact string diff --git a/common/file.te b/common/vendor/file.te index 8fb41bc..8fb41bc 100644 --- a/common/file.te +++ b/common/vendor/file.te diff --git a/common/file_contexts b/common/vendor/file_contexts index 0adc634..0adc634 100644 --- a/common/file_contexts +++ b/common/vendor/file_contexts diff --git a/common/genfs_contexts b/common/vendor/genfs_contexts index d762381..d762381 100644 --- a/common/genfs_contexts +++ b/common/vendor/genfs_contexts diff --git a/common/vendor_init.te b/common/vendor/vendor_init.te index 7299a26..7299a26 100644 --- a/common/vendor_init.te +++ b/common/vendor/vendor_init.te diff --git a/input/hal_input_classifier.te b/input/hal_input_classifier.te deleted file mode 100644 index 3f377ca..0000000 --- a/input/hal_input_classifier.te +++ /dev/null @@ -1,2 +0,0 @@ -# b/168431339 -dontaudit hal_input_classifier_default default_prop:file *; |