From 196b12eb3ec80e4d6d01d31d0234ce0bf2110eed Mon Sep 17 00:00:00 2001 From: felkachang <felkachang@google.com> Date: Wed, 28 Nov 2018 05:06:46 +0800 Subject: [PATCH] Track isolated_app SELinux denial. The isolated service that do nothing for AIDL's APIs still got the SELinux denied. This should fix presubmit test. 01-01 00:00:22.103 5831 5831 I auditd : type=1400 audit(0.0:6): avc: denied { getattr } for comm="convert.service" path="/data/data/com.android.providers.media" dev="sda35" ino=1442136 scontext=u:r:isolated_app:s0:c0,c256,c512,c768 tcontext=u:object_r:privapp_data_file:s0:c512,c768 tclass=dir permissive=0 Test: build Bug: 119596573 Change-Id: Ie58326ba217ed6ca56ca9933c6664896ac3d327a --- private/bug_map | 1 + 1 file changed, 1 insertion(+) diff --git a/private/bug_map b/private/bug_map index 6eab5402d..becbd97f4 100644 --- a/private/bug_map +++ b/private/bug_map @@ -11,6 +11,7 @@ init shell_data_file file 77873135 init shell_data_file lnk_file 77873135 init shell_data_file sock_file 77873135 init system_data_file chr_file 77873135 +isolated_app privapp_data_file dir 119596573 mediaextractor app_data_file file 77923736 mediaextractor radio_data_file file 77923736 mediaprovider cache_file blk_file 77925342 -- GitLab