From 8b241f5c355bf181052ff3bcd4be248f787698a8 Mon Sep 17 00:00:00 2001
From: Siddharth Kapoor <ksiddharth@google.com>
Date: Thu, 13 Jan 2022 18:45:29 +0800
Subject: [PATCH] Update selinux for init-insmod-sh needed for gpu probe

Bug: 207062151
Test: related avc denials not noticed in the device logs
Change-Id: I87ff2251fd7d92f8b0eb3fac43889758788b702f
Signed-off-by: Siddharth Kapoor <ksiddharth@google.com>
---
 tracking_denials/init-insmod-sh.te | 3 ---
 whitechapel_pro/init-insmod-sh.te  | 3 +++
 2 files changed, 3 insertions(+), 3 deletions(-)
 delete mode 100644 tracking_denials/init-insmod-sh.te

diff --git a/tracking_denials/init-insmod-sh.te b/tracking_denials/init-insmod-sh.te
deleted file mode 100644
index e12715f9..00000000
--- a/tracking_denials/init-insmod-sh.te
+++ /dev/null
@@ -1,3 +0,0 @@
-# b/207062151
-dontaudit init-insmod-sh debugfs_mgm:dir { search };
-dontaudit init-insmod-sh vendor_regmap_debugfs:dir { search };
diff --git a/whitechapel_pro/init-insmod-sh.te b/whitechapel_pro/init-insmod-sh.te
index e8424941..1b85c561 100644
--- a/whitechapel_pro/init-insmod-sh.te
+++ b/whitechapel_pro/init-insmod-sh.te
@@ -9,3 +9,6 @@ allow init-insmod-sh vendor_toolbox_exec:file execute_no_trans;
 set_prop(init-insmod-sh, vendor_device_prop)
 
 dontaudit init-insmod-sh proc_cmdline:file r_file_perms;
+
+allow init-insmod-sh debugfs_mgm:dir search;
+allow init-insmod-sh vendor_regmap_debugfs:dir search;