abfa9355ee
Verify with the ROM: go/ab/7203892 oriole-userdebug
Test: $ make selinux_policy
Push selinux modules. Check the denials during boot.
$ pts-tradefed run commandAndExit pts -m PtsSELinuxTest -t com.google.android.selinux.pts.SELinuxTest#scanBugreport
$ pts-tradefed run commandAndExit pts -m PtsSELinuxTest -t com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Bug: 171760597
Bug: 171760846
Bug: 173969190
Bug: 174443175
Bug: 176777145
Bug: 176868315
Bug: 177386448
Bug: 177389321
Bug: 177614659
Bug: 177616188
Bug: 177778551
Bug: 177778793
Bug: 177860838
Bug: 177862403
Bug: 177862777
Bug: 177966144
Bug: 178433506
Bug: 178433618
Bug: 178753151
Bug: 178752409
Bug: 178979985
Bug: 178980142
Bug: 179093352
Bug: 179310875
Bug: 179435036
Bug: 179437293
Bug: 179437737
Bug: 180551518
Bug: 180567612
Bug: 180655373
Bug: 180656244
Bug: 180874342
Bug: 180963328
Bug: 180963587
Change-Id: I19e19e49d36e5635629c1e68c7d23a98c714ebcf
16 lines
581 B
Text
16 lines
581 B
Text
# b/176528556
|
|
dontaudit vendor_init tmpfs:dir { add_name write };
|
|
# b/176528557
|
|
dontaudit vendor_init debugfs_trace_marker:file { getattr };
|
|
userdebug_or_eng(`
|
|
permissive vendor_init;
|
|
')
|
|
# b/178980032
|
|
dontaudit vendor_init unlabeled:dir { setattr };
|
|
dontaudit vendor_init unlabeled:dir { read };
|
|
dontaudit vendor_init unlabeled:dir { search };
|
|
dontaudit vendor_init unlabeled:dir { search };
|
|
dontaudit vendor_init unlabeled:dir { open };
|
|
dontaudit vendor_init unlabeled:dir { read };
|
|
dontaudit vendor_init unlabeled:dir { setattr };
|
|
dontaudit vendor_init unlabeled:dir { open };
|