• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Copyright (c) 2022 Huawei Device Co., Ltd.
2# Licensed under the Apache License, Version 2.0 (the "License");
3# you may not use this file except in compliance with the License.
4# You may obtain a copy of the License at
5#
6#     http://www.apache.org/licenses/LICENSE-2.0
7#
8# Unless required by applicable law or agreed to in writing, software
9# distributed under the License is distributed on an "AS IS" BASIS,
10# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
11# See the License for the specific language governing permissions and
12# limitations under the License.
13
14#avc:  denied  { read } for  pid=2050 comm="ps" scontext=u:r:sh:s0 tcontext=u:r:device_manager:s0 tclass=file permissive=1
15#avc:  denied  { open } for  pid=2057 comm="ps" path="/proc/489/stat" dev="proc" ino=39097 scontext=u:r:sh:s0 tcontext=u:r:device_manager:s0 tclass=file permissive=1
16allow sh device_manager:file { read open };
17
18#avc:  denied  { getattr } for  pid=2057 comm="ps" path="/proc/489" dev="proc" ino=35768 scontext=u:r:sh:s0 tcontext=u:r:device_manager:s0 tclass=dir permissive=1
19#avc:  denied  { search } for  pid=2057 comm="ps" name="489" dev="proc" ino=35768 scontext=u:r:sh:s0 tcontext=u:r:device_manager:s0 tclass=dir permissive=1
20allow sh device_manager:dir { getattr search };
21
22#avc:  denied  { call } for  pid=1952 comm="credentialtest" scontext=u:r:sh:s0 tcontext=u:r:device_manager:s0 tclass=binder permissive=1
23#avc:  denied  { transfer } for  pid=1952 comm="credentialtest" scontext=u:r:sh:s0 tcontext=u:r:device_manager:s0 tclass=binder permissive=1
24allow sh device_manager:binder { call transfer };
25
26#avc:  denied  { get } for service=4802 pid=2136 scontext=u:r:sh:s0 tcontext=u:object_r:sa_foundation_devicemanager_service:s0 tclass=samgr_class permissive=1
27allow sh sa_foundation_devicemanager_service:samgr_class { get };
28
29#avc:  denied  { get } for service=4801 pid=1855 scontext=u:r:sh:s0 tcontext=u:object_r:sa_dhardware_service:s0 tclass=samgr_class permissive=1
30allow sh sa_dhardware_service:samgr_class { get };
31