From 4cd0ddca4b8a8681a7c8b2bf72a4b03ec8a1d47d Mon Sep 17 00:00:00 2001
From: Elektroschmock <elektroschmock78@googlemail.com>
Date: Mon, 28 Sep 2020 23:12:32 +0200
Subject: [PATCH] sm7250-common: sepolicy: Fix isolated_app denial

avc: denied { setattr } for comm="CrUtilityMain" name="commands.json" dev="mmcblk0p42" ino=1251111 scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c153,c256,c512,c768 tclass=file permissive=0
avc: denied { setattr } for comm="CrUtilityMain" name="commands.json" dev="mmcblk0p42" ino=1251111 scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c153,c256,c512,c768 tclass=file permissive=0
avc: denied { setattr } for comm="CrUtilityMain" name="f2" dev="mmcblk0p42" ino=1251128 scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c153,c256,c512,c768 tclass=file permissive=0
avc: denied { setattr } for comm="CrUtilityMain" name="f2" dev="mmcblk0p42" ino=1251128 scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c153,c256,c512,c768 tclass=file permissive=0
Change-Id: I9a70417149c3239b89cc4266942cb3de4da34a4f
---
 sepolicy/vendor/isolated_app.te | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 sepolicy/vendor/isolated_app.te

diff --git a/sepolicy/vendor/isolated_app.te b/sepolicy/vendor/isolated_app.te
new file mode 100644
index 0000000..418e79b
--- /dev/null
+++ b/sepolicy/vendor/isolated_app.te
@@ -0,0 +1 @@
+allow isolated_app app_data_file:file setattr;