From 47b4ca882da9b0dc6923edd0364fd4088d8e8999 Mon Sep 17 00:00:00 2001
From: Adam Shih <adamshih@google.com>
Date: Mon, 7 Mar 2022 10:42:19 +0800
Subject: [PATCH] init: change overlayfs_file rule to dontaudit

Workaround for modem_img being unlabeled after disable-verity.

Bug: 193113005
Bug: 221384981
Test: remount with no avc error
Change-Id: Ie2479470c095f4ee2a9508714565b1088a8d7dce
---
 tracking_denials/init.te | 2 --
 whitechapel_pro/init.te  | 4 ++++
 2 files changed, 4 insertions(+), 2 deletions(-)
 delete mode 100644 tracking_denials/init.te

diff --git a/tracking_denials/init.te b/tracking_denials/init.te
deleted file mode 100644
index 2dac3b47..00000000
--- a/tracking_denials/init.te
+++ /dev/null
@@ -1,2 +0,0 @@
-# b/221384981
-dontaudit init overlayfs_file:file { rename };
diff --git a/whitechapel_pro/init.te b/whitechapel_pro/init.te
index cfb875f6..3175db8c 100644
--- a/whitechapel_pro/init.te
+++ b/whitechapel_pro/init.te
@@ -15,3 +15,7 @@ allow init modem_efs_file:dir mounton;
 allow init modem_userdata_file:dir mounton;
 allow init ram_device:blk_file w_file_perms;
 allow init sysfs_scsi_devices_0000:file w_file_perms;
+
+# Workaround for b/193113005 that modem_img unlabeled after disable-verity
+dontaudit init overlayfs_file:file rename;
+dontaudit init overlayfs_file:chr_file unlink;