init: change overlayfs_file rule to dontaudit

Workaround for modem_img being unlabeled after disable-verity. Bug: 193113005 Bug: 221384981 Test: remount with no avc error Change-Id: Ie2479470c095f4ee2a9508714565b1088a8d7dce
2022-03-07 10:42:19 +08:00 · 2022-03-07 10:42:19 +08:00 · 47b4ca882d
commit 47b4ca882d
parent 67e8f968b2
2 changed files with 4 additions and 2 deletions
--- a/tracking_denials/init.te
+++ b/tracking_denials/init.te
@ -1,2 +0,0 @@
-# b/221384981
-dontaudit init overlayfs_file:file { rename };
--- a/whitechapel_pro/init.te
+++ b/whitechapel_pro/init.te
@ -15,3 +15,7 @@ allow init modem_efs_file:dir mounton;
 allow init modem_userdata_file:dir mounton;
 allow init ram_device:blk_file w_file_perms;
 allow init sysfs_scsi_devices_0000:file w_file_perms;
+
+# Workaround for b/193113005 that modem_img unlabeled after disable-verity
+dontaudit init overlayfs_file:file rename;
+dontaudit init overlayfs_file:chr_file unlink;