From 58238158ab6433a3e403fd055061cc6f8daff570 Mon Sep 17 00:00:00 2001
From: sukiliu <sukiliu@google.com>
Date: Mon, 3 May 2021 15:24:34 +0800
Subject: [PATCH] Update avc error on ROM 7330059

Bug: 187014717
Bug: 187015705
Bug: 187015816
Test: PtsSELinuxTestCases
Change-Id: I2d79fee24d18865090cd350485daea4e66bb5184
---
 tracking_denials/dumpstate.te               | 2 ++
 tracking_denials/hal_fingerprint_default.te | 2 ++
 tracking_denials/incidentd.te               | 2 ++
 3 files changed, 6 insertions(+)
 create mode 100644 tracking_denials/incidentd.te

diff --git a/tracking_denials/dumpstate.te b/tracking_denials/dumpstate.te
index ffb8518c..05b010e0 100644
--- a/tracking_denials/dumpstate.te
+++ b/tracking_denials/dumpstate.te
@@ -1,2 +1,4 @@
 # b/185723618
 dontaudit dumpstate hal_power_stats_vendor_service:service_manager { find };
+# b/187014717
+dontaudit dumpstate twoshay:binder call;
diff --git a/tracking_denials/hal_fingerprint_default.te b/tracking_denials/hal_fingerprint_default.te
index ed92cf9e..e9c6ff2a 100644
--- a/tracking_denials/hal_fingerprint_default.te
+++ b/tracking_denials/hal_fingerprint_default.te
@@ -11,3 +11,5 @@ dontaudit hal_fingerprint_default default_prop:file { getattr };
 dontaudit hal_fingerprint_default default_prop:file { open };
 dontaudit hal_fingerprint_default default_prop:file { read };
 dontaudit hal_fingerprint_default system_data_root_file:file { open };
+# b/187015705
+dontaudit hal_fingerprint_default property_socket:sock_file write;
diff --git a/tracking_denials/incidentd.te b/tracking_denials/incidentd.te
new file mode 100644
index 00000000..a998712f
--- /dev/null
+++ b/tracking_denials/incidentd.te
@@ -0,0 +1,2 @@
+# b/187015816
+dontaudit incidentd apex_info_file:file getattr;