Skip to content

Commit

Permalink
garnet: sepolicy: Allow hal_perf to get attributes from proc files
Browse files Browse the repository at this point in the history 
- avc: denied { getattr } for path="/proc/1632/cpuset" dev="proc" ino=118908 scontext=u:r:vendor_hal_perf_default:s0 tcontext=u:r:hal_graphics_composer_default:s0 tclass=file permissive=0

Signed-off-by: kleidione <kleidione@gmail.com>
  • Loading branch information
@kleidione
kleidione committed Jan 18, 2025
1 parent a034570 commit 65dfac6
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion sepolicy/vendor/vendor_hal_perf_default.te
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
allow vendor_hal_perf_default hal_graphics_composer_default:dir { search };
allow vendor_hal_perf_default hal_graphics_composer_default:process { signal getpgid };
allow vendor_hal_perf_default hal_graphics_composer_default:file { open read write };
allow vendor_hal_perf_default hal_graphics_composer_default:file { open read write getattr };
allow vendor_hal_perf_default proc_type:file { getattr };

0 comments on commit 65dfac6

Please sign in to comment.