crash_dump: suppress denials on properties Addresses: avc: denied { read } for comm="crash_dump64" name="u:object_r:bluetooth_prop:s0" dev="tmpfs" ino=17280 scontext=u:r:crash_dump:s0 tcontext=u:object_r:bluetooth_prop:s0 tclass=file Test: build Change-Id: I176038ea6add34b5277305073a20f9c1a930e74b

commit: 44f06601e8d964c7e1dc5af3fe9d5919c1c42a30 [log] [tgz]
author: Jeff Vander Stoep <jeffv@google.com> Thu Feb 07 08:42:53 2019 -0800
committer: Jeff Vander Stoep <jeffv@google.com> Thu Feb 07 08:45:15 2019 -0800
tree: 1928057bb05cc7306fd0b00fda92172cb4ffa685
parent: 87988fa6a6c925db44ac5963fb5220f34401342e [diff]
diff --git a/public/crash_dump.te b/public/crash_dump.te
index ec33df3..5188d19 100644
--- a/public/crash_dump.te
+++ b/public/crash_dump.te

@@ -50,13 +50,14 @@
 # which is super useful in some cases.
 unix_socket_connect(crash_dump, logdr, logd)
 
-# Crash dump is not intended to access the following data types. Since these
+# Crash dump is not intended to access the following files. Since these
 # are WAI, suppress the denials to clean up the logs.
 dontaudit crash_dump {
   core_data_file_type
   vendor_file_type
 }:dir search;
 dontaudit crash_dump system_data_file:file read;
+dontaudit crash_dump property_type:file read;
 
 ###
 ### neverallow assertions
commit	44f06601e8d964c7e1dc5af3fe9d5919c1c42a30	[log] [tgz]
author	Jeff Vander Stoep <jeffv@google.com>	Thu Feb 07 08:42:53 2019 -0800
committer	Jeff Vander Stoep <jeffv@google.com>	Thu Feb 07 08:45:15 2019 -0800
tree	1928057bb05cc7306fd0b00fda92172cb4ffa685
parent	87988fa6a6c925db44ac5963fb5220f34401342e [diff]