authfs - remove getattr perm for fd pass We are no longer reading the ashmem size on every transaction. Fixes: 195752513 Test: atest ComposHostTestCases (no denial logs) Change-Id: If27c2b1d0efdccf30bc8c09e1004feb789e2425d

commit: 2868112dff2e97fc24f3ceabdf69c8429f040d9a [log] [tgz]
author: Steven Moreland <smoreland@google.com> Tue Oct 12 12:40:44 2021 -0700
committer: Steven Moreland <smoreland@google.com> Tue Oct 12 21:54:42 2021 +0000
tree: 7f603c494fc1ca1d554d3f15db9e6887c49a6acd
parent: 1103fb887a962920a51996395dc6d3aec96ccc52 [diff]
diff --git a/microdroid/system/private/authfs_service.te b/microdroid/system/private/authfs_service.te
index f81a8f2..e7e9ef0 100644
--- a/microdroid/system/private/authfs_service.te
+++ b/microdroid/system/private/authfs_service.te

@@ -24,11 +24,9 @@
 
 # Allow opening a file from the FUSE mount.
 # Note: authfs_service doesn't really need to read and write the file, but the
-# check seems to happen on open anyway. It also doesn't need getattr, but it is
-# currently called internally by binder to estimate ashmem size.
+# check seems to happen on open anyway.
 allow authfs_service authfs_fuse:dir search;
-# TODO(195752513): Remove getattr once the binder bug is fixed.
-allow authfs_service authfs_fuse:file { getattr open read write };
+allow authfs_service authfs_fuse:file { open read write };
 
 # Allow killing the authfs process and unmount.
 allow authfs_service authfs:process sigkill;
commit	2868112dff2e97fc24f3ceabdf69c8429f040d9a	[log] [tgz]
author	Steven Moreland <smoreland@google.com>	Tue Oct 12 12:40:44 2021 -0700
committer	Steven Moreland <smoreland@google.com>	Tue Oct 12 21:54:42 2021 +0000
tree	7f603c494fc1ca1d554d3f15db9e6887c49a6acd
parent	1103fb887a962920a51996395dc6d3aec96ccc52 [diff]