AppArmor: Fix access to /sys/devices/soc* files (!6) · Merge requests · pkg / ofono

Frederic Danis requested to merge wip/fdanis/6233 into apertis/v2021dev1 Jan 15, 2020

Bosch reports access denied to /sys/devices/soc*:

====
profile:/usr/sbin/ofonod
apparmor:DENIED
denied_mask:r
operation:open
name:/sys/devices/soc0/soc.0/uevent
requested_mask:r
====
profile:/usr/sbin/ofonod
apparmor:DENIED
denied_mask:r
operation:open
name:/sys/devices/soc0/soc.0/2100000.aips-bus/2184000.usb/ci_hdrc.0/usb1/uevent
requested_mask:r
====
profile:/usr/sbin/ofonod
apparmor:DENIED
denied_mask:r
operation:open
name:/sys/devices/soc0/soc.0/2100000.aips-bus/2184000.usb/ci_hdrc.0/usb1/1-0:1.0/uevent
requested_mask:r

The sysfs devices soc tree depends on the kernel version, 3.14 providing /sys/devices/soc0/soc.0/* while 5.4 provides /sys/devices/soc0/soc/*. Update the rule to support both.

Signed-off-by: Frédéric Danis frederic.danis@collabora.com

AppArmor: Fix access to /sys/devices/soc* files

Merge request reports