From 19c1c284dacbf1a1fb4e446d084505df79edb079 Mon Sep 17 00:00:00 2001
From: LianRuiyang <995621404@qq.com>
Date: Fri, 12 Sep 2025 05:03:29 +0000
Subject: [PATCH 1/6] update
 sepolicy/ohos_policy/hiviewdfx/faultloggerd/system/faultloggerd.te.

Signed-off-by: LianRuiyang <995621404@qq.com>
---
 .../ohos_policy/hiviewdfx/faultloggerd/system/faultloggerd.te  | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/sepolicy/ohos_policy/hiviewdfx/faultloggerd/system/faultloggerd.te b/sepolicy/ohos_policy/hiviewdfx/faultloggerd/system/faultloggerd.te
index 588a9b4f9..be190353b 100644
--- a/sepolicy/ohos_policy/hiviewdfx/faultloggerd/system/faultloggerd.te
+++ b/sepolicy/ohos_policy/hiviewdfx/faultloggerd/system/faultloggerd.te
@@ -47,7 +47,8 @@ use_faultloggerd_file({ hiview hidumper })
 use_faultloggerd_sdkdump({ hiview hidumper foundation })
 
 neverallow { domain -processdump } faultloggerd_socket_crash:sock_file { write read ioctl };
-neverallow { domain -processdump -foundation -hidumper -hiview -dumpcatcher -appspawn } faultloggerd_socket_sdkdump:sock_file { write read ioctl };
+neverallow { domain -processdump -foundation -hidumper -hiview -dumpcatcher -appspawn -cap_violator_devassistant } faultloggerd_socket_sdkdump:sock_file { write };
+neverallow { domain -processdump -foundation -hidumper -hiview -dumpcatcher -appspawn } faultloggerd_socket_sdkdump:sock_file { read ioctl };
 #########################
 ## faultloggerd rules: ##
 #########################
-- 
Gitee


From 979e72735bacd5985b7b217b9066d357d1680eec Mon Sep 17 00:00:00 2001
From: LianRuiyang <995621404@qq.com>
Date: Fri, 12 Sep 2025 05:04:34 +0000
Subject: [PATCH 2/6] update sepolicy/base/public/attributes.

Signed-off-by: LianRuiyang <995621404@qq.com>
---
 sepolicy/base/public/attributes | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sepolicy/base/public/attributes b/sepolicy/base/public/attributes
index 7561c01e1..5e6d9476d 100644
--- a/sepolicy/base/public/attributes
+++ b/sepolicy/base/public/attributes
@@ -151,6 +151,7 @@ attribute cap_violator_perfmon;
 attribute cap_violator_sysmodule;
 attribute cap_violator_syslog;
 attribute cap_violator_sysrawio;
+attribute cap_violator_devassistant;
 
 attribute data_file_attr_violator_exec;
 attribute data_local_tmp_violator_dir;
-- 
Gitee


From 57eff7e9e67fc1cb97e966f1050b8e5ce89f5d94 Mon Sep 17 00:00:00 2001
From: LianRuiyang <995621404@qq.com>
Date: Fri, 12 Sep 2025 06:33:40 +0000
Subject: [PATCH 3/6] update sepolicy/base/public/attributes.

Signed-off-by: LianRuiyang <995621404@qq.com>
---
 sepolicy/base/public/attributes | 1 -
 1 file changed, 1 deletion(-)

diff --git a/sepolicy/base/public/attributes b/sepolicy/base/public/attributes
index 5e6d9476d..7561c01e1 100644
--- a/sepolicy/base/public/attributes
+++ b/sepolicy/base/public/attributes
@@ -151,7 +151,6 @@ attribute cap_violator_perfmon;
 attribute cap_violator_sysmodule;
 attribute cap_violator_syslog;
 attribute cap_violator_sysrawio;
-attribute cap_violator_devassistant;
 
 attribute data_file_attr_violator_exec;
 attribute data_local_tmp_violator_dir;
-- 
Gitee


From da4e3b40ccc84aaa37b0212367da1f80d88fb255 Mon Sep 17 00:00:00 2001
From: LianRuiyang <995621404@qq.com>
Date: Fri, 12 Sep 2025 06:35:45 +0000
Subject: [PATCH 4/6] update
 sepolicy/ohos_policy/startup/init/public/attributes.

Signed-off-by: LianRuiyang <995621404@qq.com>
---
 sepolicy/ohos_policy/startup/init/public/attributes | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sepolicy/ohos_policy/startup/init/public/attributes b/sepolicy/ohos_policy/startup/init/public/attributes
index 6f20a45e3..61f6c4f5b 100644
--- a/sepolicy/ohos_policy/startup/init/public/attributes
+++ b/sepolicy/ohos_policy/startup/init/public/attributes
@@ -15,3 +15,4 @@ attribute param_set_allow_attr;
 attribute devinfo_type_allow_attr;
 attribute sys_param_set_allow_attr;
 attribute init_module_system_bin_file;
+attribute cap_violator_devassistant;
-- 
Gitee


From 37ebc9531486dec95f123776597c572268add9f2 Mon Sep 17 00:00:00 2001
From: LianRuiyang <995621404@qq.com>
Date: Fri, 12 Sep 2025 07:43:10 +0000
Subject: [PATCH 5/6] update
 sepolicy/ohos_policy/startup/init/public/attributes.

Signed-off-by: LianRuiyang <995621404@qq.com>
---
 sepolicy/ohos_policy/startup/init/public/attributes | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sepolicy/ohos_policy/startup/init/public/attributes b/sepolicy/ohos_policy/startup/init/public/attributes
index 61f6c4f5b..88078ebb8 100644
--- a/sepolicy/ohos_policy/startup/init/public/attributes
+++ b/sepolicy/ohos_policy/startup/init/public/attributes
@@ -15,4 +15,4 @@ attribute param_set_allow_attr;
 attribute devinfo_type_allow_attr;
 attribute sys_param_set_allow_attr;
 attribute init_module_system_bin_file;
-attribute cap_violator_devassistant;
+attribute violator_faultloggerd_socket_sdkdump_write;
-- 
Gitee


From 7e866088fddee6dc538ed13496b231bf7d703b1a Mon Sep 17 00:00:00 2001
From: LianRuiyang <995621404@qq.com>
Date: Fri, 12 Sep 2025 07:43:58 +0000
Subject: [PATCH 6/6] update
 sepolicy/ohos_policy/hiviewdfx/faultloggerd/system/faultloggerd.te.

Signed-off-by: LianRuiyang <995621404@qq.com>
---
 .../ohos_policy/hiviewdfx/faultloggerd/system/faultloggerd.te   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sepolicy/ohos_policy/hiviewdfx/faultloggerd/system/faultloggerd.te b/sepolicy/ohos_policy/hiviewdfx/faultloggerd/system/faultloggerd.te
index be190353b..9bf365c80 100644
--- a/sepolicy/ohos_policy/hiviewdfx/faultloggerd/system/faultloggerd.te
+++ b/sepolicy/ohos_policy/hiviewdfx/faultloggerd/system/faultloggerd.te
@@ -47,7 +47,7 @@ use_faultloggerd_file({ hiview hidumper })
 use_faultloggerd_sdkdump({ hiview hidumper foundation })
 
 neverallow { domain -processdump } faultloggerd_socket_crash:sock_file { write read ioctl };
-neverallow { domain -processdump -foundation -hidumper -hiview -dumpcatcher -appspawn -cap_violator_devassistant } faultloggerd_socket_sdkdump:sock_file { write };
+neverallow { domain -processdump -foundation -hidumper -hiview -dumpcatcher -appspawn -violator_faultloggerd_socket_sdkdump_write } faultloggerd_socket_sdkdump:sock_file { write };
 neverallow { domain -processdump -foundation -hidumper -hiview -dumpcatcher -appspawn } faultloggerd_socket_sdkdump:sock_file { read ioctl };
 #########################
 ## faultloggerd rules: ##
-- 
Gitee