From a0d3ff8edd10cea691b56a22a9ca389eab34472b Mon Sep 17 00:00:00 2001
From: Dimitry Ivanov <dimitry@google.com>
Date: Wed, 3 May 2017 20:33:29 -0700
Subject: [PATCH] Allow getattr on tempfs files

This is needed by linker to be able to load libraries from memfd
which currently generated following denial:
avc: denied { getattr } for path=2F6D656D66643A666F6F626172202864656C6574656429 dev="tmpfs" ino=902079 scontext=u:r:shell:s0 tcontext=u:object_r:shell_tmpfs:s0 tclass=file permissive=0

Bug: http://b/37245203
Bug: http://b/37916741
Test: builds
Change-Id: I5b57b6cada50a62657c8daaaaaa56f1ee9cdb376
---
 public/te_macros | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/public/te_macros b/public/te_macros
index 661585aa1..e1c46c957 100644
--- a/public/te_macros
+++ b/public/te_macros
@@ -77,7 +77,7 @@ allow $1 $2:{ file lnk_file } r_file_perms;
 define(`tmpfs_domain', `
 type $1_tmpfs, file_type;
 type_transition $1 tmpfs:file $1_tmpfs;
-allow $1 $1_tmpfs:file { read write };
+allow $1 $1_tmpfs:file { read write getattr };
 allow $1 tmpfs:dir { getattr search };
 ')
 
-- 
GitLab