From 9ef4675f68e914bc64862fc5db72fdf11eb910e6 Mon Sep 17 00:00:00 2001
From: Aayush Gupta <aayushgupta219@gmail.com>
Date: Thu, 31 Dec 2020 22:52:36 +0530
Subject: [PATCH] non_plat: Allow all domains to search debugfs_ion dir

[   12.536452] .(1)[399:logd.auditd]type=1400 audit(1262323310.848:231): avc: denied { search } for comm="audio@5.0-servi" name="clients" dev="debugfs" ino=3111 scontext=u:r:mtk_hal_audio:s0 tcontext=u:object_r:debugfs_ion:s0 tclass=dir permissive=1
[   59.661176] .(0)[399:logd.auditd]type=1400 audit(1609417550.280:331): avc: denied { search } for comm="RenderThread" name="clients" dev="debugfs" ino=3111 scontext=u:r:system_app:s0 tcontext=u:object_r:debugfs_ion:s0 tclass=dir permissive=1
[   50.275600] .(4)[399:logd.auditd]type=1400 audit(1609417547.748:325): avc: denied { search } for comm="RenderThread" name="clients" dev="debugfs" ino=3111 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:debugfs_ion:s0 tclass=dir permissive=1 app=com.android.launcher3

Signed-off-by: Aayush Gupta <aayushgupta219@gmail.com>
Change-Id: Ib8c7e944e95851d5ceef42bb3ea88c77c3cc7e0b
---
 non_plat/domain.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/non_plat/domain.te b/non_plat/domain.te
index 13111b9..5805a9c 100644
--- a/non_plat/domain.te
+++ b/non_plat/domain.te
@@ -30,3 +30,4 @@ allow { domain -coredomain -hal_configstore_server -vendor_init } aee_aedv:unix_
 allow { domain -coredomain -hal_configstore_server -vendor_init } aee_exp_vendor_file:file w_file_perms;
 allow { domain -coredomain -hal_configstore_server -vendor_init } aee_aedv:fd use;
 
+allow domain debugfs_ion:dir search;