• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Copyright (c) 2022 Huawei Device Co., Ltd.
2# Licensed under the Apache License, Version 2.0 (the "License");
3# you may not use this file except in compliance with the License.
4# You may obtain a copy of the License at
5#
6#     http://www.apache.org/licenses/LICENSE-2.0
7#
8# Unless required by applicable law or agreed to in writing, software
9# distributed under the License is distributed on an "AS IS" BASIS,
10# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
11# See the License for the specific language governing permissions and
12# limitations under the License.
13
14#avc:  denied  { get } for service=5100 pid=622 scontext=u:r:foundation:s0 tcontext=u:object_r:sa_device_service_manager:s0 tclass=samgr_class permissive=1
15allow foundation sa_device_service_manager:samgr_class { get };
16
17#avc:  denied  { get } for service=3299 pid=622 scontext=u:r:foundation:s0 tcontext=u:object_r:sa_foundation_cesfwk_service:s0 tclass=samgr_class permissive=1
18allow foundation sa_foundation_cesfwk_service:samgr_class { get };
19
20#avc:  denied  { add } for service=3303 pid=536 scontext=u:r:foundation:s0 tcontext=u:object_r:sa_foundation_service:s0 tclass=samgr_class permissive=1
21allow foundation sa_foundation_thermal_service:samgr_class { add };
22
23#avc:  denied  { call } for  pid=472 comm="thermal" scontext=u:r:thermal:s0 tcontext=u:r:sh:s0 tclass=binder permissive=1
24allow foundation sh:binder { call };
25
26#avc:  denied  { call } for  pid=472 comm="thermal" scontext=u:r:thermal:s0 tcontext=u:r:normal_hap:s0 tclass=binder permissive=1
27allow foundation normal_hap:binder { call };
28
29#avc:  denied  { get } for service=1906 pid=470 scontext=u:r:thermal:s0 tcontext=u:object_r:sa_resource_schedule_socperf_server:s0 tclass=samgr_class permissive=1
30allow foundation sa_resource_schedule_socperf_server:samgr_class { get };
31
32#avc:  denied  { call } for  pid=412 comm="thermal" scontext=u:r:thermal:s0 tcontext=u:r:resource_schedule_service:s0 tclass=binder permissive=1
33allow foundation resource_schedule_service:binder { call };
34
35#avc:  denied  { add } for service=3303 pid=530 scontext=u:r:thermal:s0 tcontext=u:object_r:vendor_etc_file:s0 tclass=file permissive=1
36allow foundation vendor_etc_file:file { getattr open read };
37
38#avc:  denied  { get } for service=3308 pid=471 scontext=u:r:thermal:s0 tcontext=u:object_r:sa_foundation_displaymgr_service:s0 tclass=samgr_class permissive=1
39allow foundation sa_foundation_displaymgr_service:samgr_class { get };
40
41#avc:  denied  { get } for service=3009 pid=2003 scontext=u:r:thermal:s0 tcontext=u:object_r:sa_audio_policy_service:s0 tclass=samgr_class permissive=1
42allow foundation sa_audio_policy_service:samgr_class { get };
43
44#avc:  denied  { call } for  pid=2298 comm="thermal" scontext=u:r:thermal:s0 tcontext=u:r:audio_policy:s0 tclass=binder permissive=1
45allow foundation audio_policy:binder { call };
46
47#avc:  denied  { add } for service=3303 pid=487 scontext=u:r:foundation:s0 tcontext=u:object_r:sa_thermal_service:s0 tclass=samgr_class permissive=1
48allow foundation sa_foundation_thermal_service:samgr_class { add };
49
50#avc:  denied  { search } for  pid=538 comm="foundation" name="thermal_config" dev="mmcblk0p6" ino=874 scontext=u:r:foundation:s0 tcontext=u:object_r:system_etc_thermal_file:s0 tclass=dir permissive=1
51allow foundation system_etc_thermal_file:dir { search };
52
53#avc:  denied  { get } for service=thermal_interface_service pid=481 scontext=u:r:foundation:s0 tcontext=u:object_r:hdf_thermal_interface_service:s0 tclass=hdf_devmgr_class permissive=1
54allow foundation hdf_thermal_interface_service:hdf_devmgr_class { get };
55
56#avc:  denied  { get } for service=801 pid=510 scontext=u:r:foundation:s0 tcontext=u:object_r:sa_accessibleabilityms:s0 tclass=samgr_class permissive=1
57allow foundation sa_accessibleabilityms:samgr_class { get };
58
59#avc:  denied  { getattr } for  pid=493 comm="foundation" path="/system/etc/thermal_config/thermal_service_config.xml" dev="mmcblk0p6" ino=916 scontext=u:r:foundation:s0 tcontext=u:object_r:system_etc_thermal_file:s0 tclass=file permissive=1
60#avc:  denied  { read } for  pid=2200 comm="foundation" name="thermal_service_config.xml" dev="mmcblk0p6" ino=916 scontext=u:r:foundation:s0 tcontext=u:object_r:system_etc_thermal_file:s0 tclass=file permissive=1
61#avc:  denied  { open } for  pid=2205 comm="foundation" path="/system/etc/thermal_config/thermal_service_config.xml" dev="mmcblk0p6" ino=916 scontext=u:r:foundation:s0 tcontext=u:object_r:system_etc_thermal_file:s0 tclass=file permissive=1
62allow foundation system_etc_thermal_file:file { getattr read open };
63
64#avc:  denied  { search } for  pid=552 comm="foundation" name="el0" dev="mmcblk0p11" ino=8 scontext=u:r:foundation:s0 tcontext=u:object_r:data_service_el0_file:s0 tclass=dir permissive=1
65allow foundation data_service_el0_file:dir { search write add_name };
66
67#avc:  denied  { read } for  pid=458 comm="foundation" name="charge" dev="mmcblk0p11" ino=4494 scontext=u:r:foundation:s0 tcontext=u:object_r:data_service_el0_file:s0 tclass=file permissive=1
68allow foundation data_service_el0_file:file { create ioctl open read write };
69