From 9213fe0217eff591d3edcd17bc47218dc8c5a30b Mon Sep 17 00:00:00 2001
From: Andreas Gampe <agampe@google.com>
Date: Wed, 6 Dec 2017 10:09:50 -0800
Subject: [PATCH] Sepolicy: Label kernel notes

Label /sys/kernel/notes.

Bug: 70275668
Test: m
Change-Id: Ieb666425d2db13f85225fb902fe06b0bf2335bef
---
 private/compat/26.0/26.0.cil | 1 +
 private/genfs_contexts       | 1 +
 public/file.te               | 1 +
 3 files changed, 3 insertions(+)

diff --git a/private/compat/26.0/26.0.cil b/private/compat/26.0/26.0.cil
index 12e5c981b..f7338c6eb 100644
--- a/private/compat/26.0/26.0.cil
+++ b/private/compat/26.0/26.0.cil
@@ -598,6 +598,7 @@
     sysfs_dm
     sysfs_dt_firmware_android
     sysfs_ipv4
+    sysfs_kernel_notes
     sysfs_net
     sysfs_power
     sysfs_rtc
diff --git a/private/genfs_contexts b/private/genfs_contexts
index dbff4679b..96728bc32 100644
--- a/private/genfs_contexts
+++ b/private/genfs_contexts
@@ -107,6 +107,7 @@ genfscon sysfs /power/wakeup_count u:object_r:sysfs_power:s0
 genfscon sysfs /power/wake_lock u:object_r:sysfs_wake_lock:s0
 genfscon sysfs /power/wake_unlock u:object_r:sysfs_wake_lock:s0
 genfscon sysfs /kernel/ipv4 u:object_r:sysfs_ipv4:s0
+genfscon sysfs /kernel/notes u:object_r:sysfs_kernel_notes:s0
 genfscon sysfs /kernel/uevent_helper u:object_r:sysfs_usermodehelper:s0
 genfscon sysfs /kernel/wakeup_reasons u:object_r:sysfs_wakeup_reasons:s0
 genfscon sysfs /module/lowmemorykiller u:object_r:sysfs_lowmemorykiller:s0
diff --git a/public/file.te b/public/file.te
index 6c11b81e2..d8677e8ab 100644
--- a/public/file.te
+++ b/public/file.te
@@ -66,6 +66,7 @@ type sysfs_bluetooth_writable, fs_type, sysfs_type, mlstrustedobject;
 type sysfs_dm, fs_type, sysfs_type;
 type sysfs_dt_firmware_android, fs_type, sysfs_type;
 type sysfs_ipv4, fs_type, sysfs_type;
+type sysfs_kernel_notes, fs_type, sysfs_type, mlstrustedobject;
 type sysfs_leds, fs_type, sysfs_type;
 type sysfs_hwrandom, fs_type, sysfs_type;
 type sysfs_nfc_power_writable, fs_type, sysfs_type, mlstrustedobject;
-- 
GitLab