From 196b12eb3ec80e4d6d01d31d0234ce0bf2110eed Mon Sep 17 00:00:00 2001
From: felkachang <felkachang@google.com>
Date: Wed, 28 Nov 2018 05:06:46 +0800
Subject: [PATCH] Track isolated_app SELinux denial.

The isolated service that do nothing for AIDL's APIs still got the
SELinux denied. This should fix presubmit test.

01-01 00:00:22.103  5831  5831 I auditd  : type=1400 audit(0.0:6): avc:
denied { getattr } for comm="convert.service"
path="/data/data/com.android.providers.media" dev="sda35" ino=1442136
scontext=u:r:isolated_app:s0:c0,c256,c512,c768
tcontext=u:object_r:privapp_data_file:s0:c512,c768 tclass=dir
permissive=0

Test: build
Bug: 119596573

Change-Id: Ie58326ba217ed6ca56ca9933c6664896ac3d327a
---
 private/bug_map | 1 +
 1 file changed, 1 insertion(+)

diff --git a/private/bug_map b/private/bug_map
index 6eab5402d..becbd97f4 100644
--- a/private/bug_map
+++ b/private/bug_map
@@ -11,6 +11,7 @@ init shell_data_file file 77873135
 init shell_data_file lnk_file 77873135
 init shell_data_file sock_file 77873135
 init system_data_file chr_file 77873135
+isolated_app privapp_data_file dir 119596573
 mediaextractor app_data_file file 77923736
 mediaextractor radio_data_file file 77923736
 mediaprovider cache_file blk_file 77925342
-- 
GitLab