From a791807e4d1022e73b6d034c78a913025873c260 Mon Sep 17 00:00:00 2001
From: Aayush Gupta <aayushgupta219@gmail.com>
Date: Mon, 28 Sep 2020 18:33:28 +0000
Subject: [PATCH] msm8953-common: Address denials regarding to access
 sysfs_kgsl

[   45.239076] type=1400 audit(1601312101.298:24): avc: denied { search } for comm="DefaultPool5" name="kgsl-3d0" dev="sysfs" ino=29220 scontext=u:r:untrusted_app:s0:c151,c256,c512,c768 tcontext=u:object_r:sysfs_kgsl:s0 tclass=dir permissive=0 app=com.google.android.apps.maps

Signed-off-by: Aayush Gupta <aayushgupta219@gmail.com>
Change-Id: I80c5de2d9687b3127922d5bc55c26461a797d0f9
---
 sepolicy/vendor/platform_app.te  | 1 -
 sepolicy/vendor/untrusted_app.te | 1 +
 2 files changed, 1 insertion(+), 1 deletion(-)
 create mode 100644 sepolicy/vendor/untrusted_app.te

diff --git a/sepolicy/vendor/platform_app.te b/sepolicy/vendor/platform_app.te
index 6a1d3da..8d0d23f 100644
--- a/sepolicy/vendor/platform_app.te
+++ b/sepolicy/vendor/platform_app.te
@@ -7,4 +7,3 @@ allow platform_app hal_dms_default:binder { call transfer };
 allow platform_app sysfs_kgsl:lnk_file read;
 get_prop(platform_app, moto_boot_prop)
 get_prop(platform_app, hwrev_prop)
-
diff --git a/sepolicy/vendor/untrusted_app.te b/sepolicy/vendor/untrusted_app.te
new file mode 100644
index 0000000..f1135c4
--- /dev/null
+++ b/sepolicy/vendor/untrusted_app.te
@@ -0,0 +1 @@
+allow untrusted_app sysfs_kgsl:dir search;