From 12370586c95a5e38be63cd73afc8580850588b7a Mon Sep 17 00:00:00 2001
From: SalmaxChang <salmaxchang@google.com>
Date: Fri, 9 Jul 2021 21:13:03 +0800
Subject: [PATCH] init: change overlayfs_file rule to dontaudit

Workaround for modem_img being unlabeled after disable-verity.

Bug: 193113005

Change-Id: I64b528d9952849ff73bcd583211d33c3b220438d
---
 whitechapel/vendor/google/init.te | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/whitechapel/vendor/google/init.te b/whitechapel/vendor/google/init.te
index e98d414f..11726894 100644
--- a/whitechapel/vendor/google/init.te
+++ b/whitechapel/vendor/google/init.te
@@ -19,7 +19,6 @@ allow init per_boot_file:file ioctl;
 allowxperm init per_boot_file:file ioctl { F2FS_IOC_SET_PIN_FILE };
 allow init sysfs_scsi_devices_0000:file w_file_perms;
 
-userdebug_or_eng(`
-  allow init overlayfs_file:file { rename };
-  allow init overlayfs_file:chr_file { unlink };
-')
+# Workaround for b/193113005 that modem_img unlabeled after disable-verity
+dontaudit init overlayfs_file:file { rename };
+dontaudit init overlayfs_file:chr_file { unlink };