]> Gitweb @ Texas Instruments - Open Source Git Repositories - git.TI.com/gitweb - android/device-ti-jacinto6evm.git/commit
projects / android / device-ti-jacinto6evm.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 192ca80) | patch
jacinto6evm: TEMP: don't audit module_request
authorVishal Mahaveer <vishalm@ti.com>
Wed, 14 Oct 2015 17:17:46 +0000 (12:17 -0500)
committerVishal Mahaveer <vishalm@ti.com>
Wed, 14 Oct 2015 17:28:40 +0000 (12:28 -0500)
commitcd059a21607e5631ba18332409c867e94f446b4d
tree3348a5e0618502302099adbbd1d0cb759674ce33tree | snapshot (tar.xz tar.gz zip)
parent192ca8061b38eb486332728ad080319fd50bfd3ecommit | diff
jacinto6evm: TEMP: don't audit module_request

For time being don't audit module_request denials.

There are lot of module_request denials logged currently with all 32-bit
binaries in M. Android introduced this domain in bionic and our kernel
does not have a separate 32 bit exec domain defined. This generates lot of
unnecessary module request for "personality-8".

Ex:
[    6.332380] type=1400 audit(946685140.029:22): avc: denied { module_request }
for pid=2025 comm="drmserver" kmod="personality-8" scontext=u:r:drmserver:s0
tcontext=u:r:kernel:s0 tclass=system permissive=1

Making module_requests dontaudit for time being till we figure out how to
handle this. In kernel version 4.0 and later the exec domain support is
completely removed anyways.

Change-Id: Ia50df94edb7609f29f4d866d49ce58d8a593df1f
Signed-off-by: Vishal Mahaveer <vishalm@ti.com>
sepolicy/domain.te [new file with mode: 0644] blob
Stable Android distribution for TI processors; Supported SoCs: Jacinto (DRA7xx, J721E), Sitara (AM43xx, AM57xx, AM65x) - Device project for Jacinto6 Family.