From e7cd43c12c243b8659a5683a4d2c5c245cd7a7a7 Mon Sep 17 00:00:00 2001
From: Ji Zhang <ji.zhang@mediatek.com>
Date: Sat, 18 Jan 2020 09:50:50 +0800
Subject: [PATCH] [ALPS03890586] add rules for aee_aed

[Detail]
Add selinux rules for aed in eng/userdebug:
capability dac_override/dac_read_search

MTK-Commit-Id: d3cb23b65eb02f7b4d57d818f0bfd617b96387ed

Change-Id: Ie4e7efe212913aa7cbfb12aa471b911fbabcdae0
CR-Id: ALPS03890586
Feature: Android Exception Engine(AEE)
---
 plat_private/aee_aed.te | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/plat_private/aee_aed.te b/plat_private/aee_aed.te
index ce3872d..104a4fd 100644
--- a/plat_private/aee_aed.te
+++ b/plat_private/aee_aed.te
@@ -144,5 +144,7 @@ allow aee_aed self:capability { sys_nice chown fowner};
 # Purpose: Allow aee_aed to write /sys/kernel/debug/tracing/snapshot
 userdebug_or_eng(`allow aee_aed debugfs_tracing_debug:file { write open };')
 
-# Purpose: Allow aee_aed self to sys_ptrace
-userdebug_or_eng(`allow aee_aed self:capability sys_ptrace;')
+# Purpose: Allow aee_aed self to sys_ptrace/dac_override/dac_read_search
+userdebug_or_eng(`
+  allow aee_aed self:capability { sys_ptrace dac_override dac_read_search };
+')