• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Copyright (c) 2022 Huawei Device Co., Ltd.
2# Licensed under the Apache License, Version 2.0 (the "License");
3# you may not use this file except in compliance with the License.
4# You may obtain a copy of the License at
5#
6#     http://www.apache.org/licenses/LICENSE-2.0
7#
8# Unless required by applicable law or agreed to in writing, software
9# distributed under the License is distributed on an "AS IS" BASIS,
10# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
11# See the License for the specific language governing permissions and
12# limitations under the License.
13
14#avc:  denied  { get } for service=3503 pid=589 scontext=u:r:sensors:s0 tcontext=i:object_r:sa_accesstoken_manager_service:s0 tclass=samgr_class permissive=1
15allow sensors sa_accesstoken_manager_service:samgr_class { get };
16
17#avc:  denied  { get } for service=vibrator_interface_service pid=620 scontext=u:r:sensors:s0 tcontext=u:object_r:hdf_vibrator_interface_service:s0 tclass=hdf_devmgr_class permissive=1
18allow sensors hdf_vibrator_interface_service:hdf_devmgr_class { get };
19
20#avc:  denied  { get } for service=sensor_interface_service pid=655 scontext=u:r:sensors:s0 tcontext=u:object_r:hdf_sensor_interface_service:s0 tclass=hdf_devmgr_class permissive=1
21allow sensors hdf_sensor_interface_service:hdf_devmgr_class { get };
22
23#avc:  denied  { get } for service=5100 pid=546 scontext=u:r:sensors:s0 tcontext=u:object_r:sa_device_service_manager:s0 tclass=samgr_class permissive=1
24allow sensors sa_device_service_manager:samgr_class { get };
25
26#avc:  denied  { add } for service=3601 pid=572 scontext=u:r:sensors:s0 tcontext=u:object_r:sa_sensor_service:s0 tclass=samgr_class permissive=1
27allow sensors sa_sensor_service:samgr_class { add };
28
29#avc:  denied  { call } for  pid=2043 comm="sensors" scontext=u:r:sensors:s0 tcontext=u:r:accesstoken_service:s0 tclass=binder permissive=1
30allow sensors accesstoken_service:binder { call };
31
32#avc:  denied  { use } for  pid=1963 comm="jsThread-1" path="socket:[26923]" dev="sockfs" ino=26923 scontext=u:r:sensors:s0 tcontext=u:r:normal_hap:s0 tclass=fd permissive=1
33allow sensors normal_hap:fd { use };
34
35#avc:  denied  { read write } for  pid=1963 comm="jsThread-1" path="socket:[26923]" dev="sockfs" ino=26923 scontext=u:r:sensors:s0 tcontext=u:r:normal_hap:s0 tclass=unix_stream_socket permissive=1
36allow sensors normal_hap:unix_stream_socket { read write };
37
38#avc:  denied  { call } for  pid=645 comm="sensors" scontext=u:r:sensors:s0 tcontext=u:r:normal_hap:s0 tclass=binder permissive=1
39allow sensors normal_hap:binder { call };
40
41#avc:  denied  { setopt } for  pid=650 comm="sensors" scontext=u:r:sensors:s0 tcontext=u:r:sensors:s0 tclass=unix_dgram_socket permissive=1
42#avc:  denied  { getopt } for  pid=645 comm="sensors" scontext=u:r:sensors:s0 tcontext=u:r:sensors:s0 tclass=unix_dgram_socket permissive=1
43allow sensors sensors:unix_dgram_socket { getopt setopt };
44
45#avc:  denied  { search } for  pid=645 comm="sensors" name="socket" dev="tmpfs" ino=40 scontext=u:r:sensors:s0 tcontext=u:object_r:dev_unix_socket:s0 tclass=dir permissive=1
46allow sensors dev_unix_socket:dir { search };
47
48#avc:  denied  { call } for  pid=645 comm="sensors" scontext=u:r:sensors:s0 tcontext=u:r:vibrator_host:s0 tclass=binder permissive=1
49allow sensors vibrator_host:binder { call };
50
51#avc:  denied  { search } for  pid=451 comm="sensors" name="/" dev="tracefs" ino=1 scontext=u:r:sensors:s0 tcontext=u:object_r:tracefs:s0 tclass=dir permissive=1
52allow sensors tracefs:dir { search };
53
54#avc:  denied  { write } for  pid=451 comm="sensors" name="trace_marker" dev="tracefs" ino=15134 scontext=u:r:sensors:s0 tcontext=u:object_r:tracefs_trace_marker_file:s0 tclass=file permissive=1
55#avc:  denied  { open } for  pid=451 comm="sensors" path="/sys/kernel/debug/tracing/trace_marker" dev="tracefs" ino=15134 scontext=u:r:sensors:s0 tcontext=u:object_r:tracefs_trace_marker_file:s0 tclass=file permissive=1
56allow sensors tracefs_trace_marker_file:file { write open };
57
58#avc:  denied  { use } for  pid=475 comm="hidumper_servic" path="pipe:[32513]" dev="pipefs" ino=32513 scontext=u:r:sensors:s0 tcontext=u:r:hidumper_service:s0 tclass=fd permissive=1
59allow sensors hidumper_service:fd { use };
60
61#avc:  denied  { write } for  pid=475 comm="hidumper_servic" path="pipe:[32513]" dev="pipefs" ino=32513 scontext=u:r:sensors:s0 tcontext=u:r:hidumper_service:s0 tclass=fifo_file permissive=1
62allow sensors hidumper_service:fifo_file { write };
63
64#avc:  denied  { transfer } for  pid=2152 comm="sensors" scontext=u:r:sensors:s0 tcontext=u:r:sensor_host:s0 tclass=binder permissive=1
65allow sensors sensor_host:binder { transfer };
66
67#avc:  denied  { use } for  pid=2778 comm="processdump" dev="mmcblk0p11" ino=652843 scontext=u:r:sensors:s0 tcontext=u:r:faultloggerd:s0 tclass=fd permissive=1
68allow sensors faultloggerd:fd { use };
69
70#avc:  denied  { use } for  pid=2011 comm="SensorAgentTest" path="socket:[39791]" dev="sockfs" ino=39791 scontext=u:r:sensors:s0 tcontext=u:r:sh:s0 tclass=fd permissive=0
71allow sensors sh:fd { use };
72
73# avc:  denied  { call } for  pid=687 comm="sensors" scontext=u:r:sensors:s0 tcontext=u:r:sh:s0 tclass=binder permissive=0
74allow sensors sh:binder { call };
75
76#avc:  denied  { write } for  pid=621 comm="sensors" scontext=u:r:sensors:s0 tcontext=u:r:system_core_hap:s0 tclass=unix_stream_socket permissive=1
77#avc:  denied  { read write } for  pid=2097 comm="jsThread-1" path="socket:[40085]" dev="sockfs" ino=40085 scontext=u:r:sensors:s0 tcontext=u:r:system_core_hap:s0 tclass=unix_stream_socket permissive=1
78allow sensors system_core_hap:unix_stream_socket { write read };
79
80#avc:  denied  { use } for  pid=2097 comm="jsThread-1" path="socket:[40085]" dev="sockfs" ino=40085 scontext=u:r:sensors:s0 tcontext=u:r:system_core_hap:s0 tclass=fd permissive=1allow
81allow sensors system_core_hap:fd { use };
82
83#avc:  denied  { call } for  pid=687 comm="sensors" scontext=u:r:sensors:s0 tcontext=u:r:system_core_hap:s0 tclass=binder permissive=0
84allow sensors system_core_hap:binder { call };
85
86#avc:  denied  { read write } for  pid=2132 comm="SensorAgentTest" path="socket:[39407]" dev="sockfs" ino=39407 scontext=u:r:sensors:s0 tcontext=u:r:sh:s0 tclass=unix_stream_socket permissive=0
87allow sensors sh:unix_stream_socket { read write };
88
89#avc:  denied  { get } for service=3505 pid=575 scontext=u:r:sensors:s0 tcontext=u:object_r:sa_privacy_service:s0 tclass=samgr_class permissive=0
90allow sensors sa_privacy_service:samgr_class { get };
91
92#avc:  denied  { call } for  pid=549 comm="sensors" scontext=u:r:sensors:s0 tcontext=u:r:privacy_service:s0 tclass=binder permissive=0
93allow sensors privacy_service:binder { call };
94
95#avc:  denied  { read } for  pid=2827 comm="sa_main" name="u:object_r:accessibility_param:s0" dev="tmpfs" ino=53 scontext=u:r:sensors:s0 tcontext=u:object_r:accessibility_param:s0 tclass=file permissive=0
96allow sensors accessibility_param:file { read };
97
98allow sensors vendor_etc_file:dir { search };
99allow sensors vendor_etc_file:file { getattr open read };
100
101#avc:  denied  { call } for  pid=440 comm="sensors" scontext=u:r:sensors:s0 tcontext=u:r:light_host:s0 tclass=binder permissive=1
102allow sensors light_host:binder { call };
103
104#avc:  denied  { read } for  pid=508 comm="sensors" name="u:object_r:musl_param:s0" dev="tmpfs" ino=55 scontext=u:r:sensors:s0 tcontext=u:object_r:musl_param:s0 tclass=file permissive=0
105allow sensors musl_param:file { read };
106
107#avc:  denied  { get } for service=light_interface_service pid=2262 scontext=u:r:sensors:s0 tcontext=u:object_r:hdf_light_interface_service:s0 tclass=hdf_devmgr_class permissive=1
108allow sensors hdf_light_interface_service:hdf_devmgr_class { get };
109
110#avc:  denied  { use } for  pid=585 comm="IPC_1_745" path="socket:[34684]" dev="sockfs" ino=34684 scontext=u:r:sensors:s0 tcontext=u:r:foundation:s0 tclass=fd permissive=0
111allow sensors foundation:fd { use };
112
113#avc:  denied  { read write } for  pid=554 comm="foundation" path="socket:[41126]" dev="sockfs" ino=41126 scontext=u:r:sensors:s0 tcontext=u:r:foundation:s0 tclass=unix_stream_socket permissive=0
114allow sensors foundation:unix_stream_socket { read write };
115
116#avc:  denied  { call } for  pid=585 comm="IPC_2_1283" scontext=u:r:sensors:s0 tcontext=u:r:foundation:s0 tclass=binder permissive=0
117allow sensors foundation:binder { call };
118