From ebb30438c85a87849b2236b3b5ae24ce6d433e46 Mon Sep 17 00:00:00 2001
From: Huaiming Li <huaiming.li@mediatek.com>
Date: Sat, 18 Jan 2020 10:20:13 +0800
Subject: [PATCH] [ALPS04776332] fix google dumpstate avc issue

[Detail]
09-05 15:58:31.552000  9693  9693 W df      : type=1400 audit(0.0:990):
avc: denied { search } for name="expand" dev="tmpfs" ino=10779
scontext=u:r:dumpstate:s0 tcontext=u:object_r:mnt_expand_file:s0 tclass=dir permissive=0

[Solution]
add sepolicy rule:
allow dumpstate mnt_expand_file:dir search;

MTK-Commit-Id: 2117b8897e13ad2e52f8f7b9b16532e20cc8f477

Change-Id: I428cc52d30c3396d9d355af286bcdaa94d170eec
CR-Id: ALPS04776332
Feature: Android Exception Engine(AEE)
---
 non_plat/dumpstate.te | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/non_plat/dumpstate.te b/non_plat/dumpstate.te
index 19aa9b0..3c3d81f 100644
--- a/non_plat/dumpstate.te
+++ b/non_plat/dumpstate.te
@@ -176,3 +176,8 @@ allow dumpstate debugfs_smi_mon:file r_file_perms;
 
 # MTEE Trusty
 allow dumpstate mtee_trusty_file:file rw_file_perms;
+
+# 09-05 15:58:31.552000  9693  9693 W df      : type=1400 audit(0.0:990):
+# avc: denied { search } for name="expand" dev="tmpfs" ino=10779 scontext=u:r:dumpstate:s0
+# tcontext=u:object_r:mnt_expand_file:s0 tclass=dir permissive=0
+allow dumpstate mnt_expand_file:dir search;