USB: dontaudit init to write to sysfs directory

USB configuration are replaced by configfs on kernel v4.4. This causes denials for older version when init tries to write to sysfs directories. Add a dontaudit to init to avoid denial CRs-Fixed: 1069632 Change-Id: Idad0f1a6bc2b193f69cbc128c08eb20576897bd8
author: Biswajit Paul <biswajitpaul@codeaurora.org> 2016-09-21 15:05:19 -0700
committer: Biswajit Paul <biswajitpaul@codeaurora.org> 2016-10-21 11:38:37 -0700
commit: 22cbbd8e94223fb1970bc88724682cc48e231942 (patch)
tree: 10626c07e3c8be3252cf3272b80a908a5a8661b0
parent: 5a1b60c33bfe64f114c42174ab8003411c157c47 (diff)
download: android_device_qcom_sepolicy-22cbbd8e94223fb1970bc88724682cc48e231942.tar.gz
android_device_qcom_sepolicy-22cbbd8e94223fb1970bc88724682cc48e231942.tar.bz2
android_device_qcom_sepolicy-22cbbd8e94223fb1970bc88724682cc48e231942.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/common/init.te b/common/init.te
index 6cde24b0..772e5fe4 100644
--- a/common/init.te
+++ b/common/init.te
@@ -31,3 +31,6 @@ allow init configfs:lnk_file create_file_perms;
 #Allow init to mount non-hlos partitions in A/B builds
 allow init firmware_file:dir { mounton };
 allow init bt_firmware_file:dir { mounton };
+
+#dontaudit non configfs usb denials
+dontaudit init sysfs:dir write;
author	Biswajit Paul <biswajitpaul@codeaurora.org>	2016-09-21 15:05:19 -0700
committer	Biswajit Paul <biswajitpaul@codeaurora.org>	2016-10-21 11:38:37 -0700
commit	22cbbd8e94223fb1970bc88724682cc48e231942 (patch)
tree	10626c07e3c8be3252cf3272b80a908a5a8661b0
parent	5a1b60c33bfe64f114c42174ab8003411c157c47 (diff)
download	android_device_qcom_sepolicy-22cbbd8e94223fb1970bc88724682cc48e231942.tar.gz android_device_qcom_sepolicy-22cbbd8e94223fb1970bc88724682cc48e231942.tar.bz2 android_device_qcom_sepolicy-22cbbd8e94223fb1970bc88724682cc48e231942.zip