From 32db046e67cc3e904146abf8fc1ef4839454f538 Mon Sep 17 00:00:00 2001
From: Adam Shih <adamshih@google.com>
Date: Tue, 16 Nov 2021 11:02:46 +0800
Subject: [PATCH] suppress bootanim android watch behavior on phones

Bug: 205780088
Test: boot with no relevant error log
Change-Id: Ic928d3212a016984ff31f358486109022d82b1ee
---
 tracking_denials/bootanim.te | 9 ---------
 whitechapel_pro/bootanim.te  | 5 +++++
 2 files changed, 5 insertions(+), 9 deletions(-)
 delete mode 100644 tracking_denials/bootanim.te
 create mode 100644 whitechapel_pro/bootanim.te

diff --git a/tracking_denials/bootanim.te b/tracking_denials/bootanim.te
deleted file mode 100644
index c2252620..00000000
--- a/tracking_denials/bootanim.te
+++ /dev/null
@@ -1,9 +0,0 @@
-# b/205780088
-dontaudit bootanim system_data_file:dir { read };
-dontaudit bootanim system_data_file:dir { search };
-dontaudit bootanim system_data_file:dir { watch };
-dontaudit bootanim vendor_file:file { execute };
-dontaudit bootanim vendor_file:file { getattr };
-dontaudit bootanim vendor_file:file { map };
-dontaudit bootanim vendor_file:file { open };
-dontaudit bootanim vendor_file:file { read };
diff --git a/whitechapel_pro/bootanim.te b/whitechapel_pro/bootanim.te
new file mode 100644
index 00000000..7b3019df
--- /dev/null
+++ b/whitechapel_pro/bootanim.te
@@ -0,0 +1,5 @@
+# TODO(b/62954877). On Android Wear, bootanim reads the time
+# during boot to display. It currently gets that time from a file
+# in /data/system. This should be moved. In the meantime, suppress
+# this denial on phones since this functionality is not used.
+dontaudit bootanim system_data_file:dir r_dir_perms;