Allow system_server to read vendor_file Input device configuration files .idc, .kl that are placed in /vendor are currently not accessible. Allow the read access here. Bug: 112880217 Test: move .idc and .kl files from /system to /vendor, then observe logcat. With this patch, avc denials disappear. Change-Id: I72ad62b9adf415f787565adced73fd8aaff38832

commit: 3639f57960811d6a41ca1968dea70a4315d5bbec [log] [tgz]
author: Siarhei Vishniakou <svv@google.com> Mon Oct 08 12:04:15 2018 -0700
committer: Siarhei Vishniakou <svv@google.com> Fri Oct 12 02:42:09 2018 +0000
tree: 263b7ed256648a13b1c77b04f2ac8b6352c863a8
parent: 9977e25411969764ac0bab16f7bbb530ee15ccd6 [diff] [blame]
diff --git a/private/file_contexts b/private/file_contexts
index a70f61b..9046ee1 100644
--- a/private/file_contexts
+++ b/private/file_contexts

@@ -349,6 +349,11 @@
 /(odm|vendor/odm)/overlay(/.*)?               u:object_r:vendor_overlay_file:s0
 /(odm|vendor/odm)/framework(/.*)?             u:object_r:vendor_framework_file:s0
 
+# Input configuration
+/(odm|vendor)/usr/keylayout(/.*)?.kl           u:object_r:vendor_keylayout_file:s0
+/(odm|vendor)/usr/keychars(/.*)?.kcm            u:object_r:vendor_keychars_file:s0
+/(odm|vendor)/usr/idc(/.*)?.idc                 u:object_r:vendor_idc_file:s0
+
 /oem(/.*)?              u:object_r:oemfs:s0
 
 # The precompiled monolithic sepolicy will be under /odm only when
commit	3639f57960811d6a41ca1968dea70a4315d5bbec	[log] [tgz]
author	Siarhei Vishniakou <svv@google.com>	Mon Oct 08 12:04:15 2018 -0700
committer	Siarhei Vishniakou <svv@google.com>	Fri Oct 12 02:42:09 2018 +0000
tree	263b7ed256648a13b1c77b04f2ac8b6352c863a8
parent	9977e25411969764ac0bab16f7bbb530ee15ccd6 [diff] [blame]