From 1de9c492d1343f7c92b4a7d6aa8da82c97bbf7d8 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Wed, 29 Jul 2015 17:19:42 -0400
Subject: [PATCH] auditallow w_file_perms for mediaserver

The device-independent code only needs read access to sysfs, and this
appears to be enough for at least some devices (Nexus 5).

Bug: 22827371
Change-Id: I3b7b068e98f11f9133f0bdea8ece363e4bd89ae8
---
 mediaserver.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/mediaserver.te b/mediaserver.te
index cb0995c42..af455538f 100644
--- a/mediaserver.te
+++ b/mediaserver.te
@@ -34,6 +34,7 @@ allow mediaserver audio_device:chr_file rw_file_perms;
 
 # XXX Label with a specific type?
 allow mediaserver sysfs:file rw_file_perms;
+auditallow mediaserver sysfs:file { write append };
 
 # Read resources from open apk files passed over Binder.
 allow mediaserver apk_data_file:file { read getattr };
-- 
GitLab