From f329ce7a918888a3109d59aa0ccaca050251a956 Mon Sep 17 00:00:00 2001
From: Jaegeuk Kim <jaegeuk@google.com>
Date: Wed, 22 Jan 2025 20:11:51 -0800
Subject: [PATCH] Fix selinux permission denials

[    9.280675] type=1400 audit(1737659534.344:11): avc:  denied  { mounton } for  comm="init" path="/data/vendor/intelligence" dev="dm-59" ino=490 scontext=u:r:init:s0 tcontext=u:object_r:intelligence_data_file:s0 tclass=dir permissive=0

Bug: 391452461
Flag: EXEMPT bugfix
Change-Id: I355c61bd2c5bb5af6d463cf84a3fc80093b16550
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
---
 storage/sepolicy/init.te | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/storage/sepolicy/init.te b/storage/sepolicy/init.te
index aa6d415..321a7ad 100644
--- a/storage/sepolicy/init.te
+++ b/storage/sepolicy/init.te
@@ -1,5 +1,4 @@
 # init
 allow init sysfs_scsi_devices_0000:file w_file_perms;
 allow init userdata_exp_block_device:blk_file write;
-
-dontaudit init intelligence_data_file:dir mounton;
+allow init intelligence_data_file:dir mounton;