From 0ae4d6f09e2257de93d2e26007bf2c0aa9944f4d Mon Sep 17 00:00:00 2001
From: Wilson Sung <wilsonsung@google.com>
Date: Mon, 19 Feb 2024 14:58:04 +0800
Subject: [PATCH] dontaudit on dir search for vendor_votable_debugfs

Bug: 305880925
Bug: 310539058
Bug: 318033504
Test: make selinux_policy
Change-Id: I5e13370fe5430f3dfbf73ccff787986fbe80f9ea
---
 tracking_denials/kernel.te | 2 --
 vendor/kernel.te           | 1 +
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/tracking_denials/kernel.te b/tracking_denials/kernel.te
index 7418850..7a36039 100644
--- a/tracking_denials/kernel.te
+++ b/tracking_denials/kernel.te
@@ -1,4 +1,2 @@
 # b/308381222
 dontaudit kernel kernel:capability { net_bind_service };
-# b/318033504
-dontaudit kernel vendor_votable_debugfs:dir { search };
diff --git a/vendor/kernel.te b/vendor/kernel.te
index ac9c987..bf91ddd 100644
--- a/vendor/kernel.te
+++ b/vendor/kernel.te
@@ -15,3 +15,4 @@ no_debugfs_restriction(`
 allow kernel vendor_regmap_debugfs:dir search;
 
 dontaudit kernel vendor_usb_debugfs:dir search;
+dontaudit kernel vendor_votable_debugfs:dir search;