Extend access to proc/asound/* Renamed this type: proc_asound_cards -> proc_asound Labeled /proc/asound/devices as proc_asound. We now use proc_asound type to label files under /proc/asound which we want to expose to system components. Bug: 66988327 Test: Pixel 2 boots, can play sound with or without headphones, and selinux denials to proc_asound are not seen. Change-Id: I453d9bfdd70eb80931ec9e80f17c8fd0629db3d0

commit: 464f59ae107f493f244048cb126b32532944e314 [log] [tgz]
author: Tri Vo <trong@google.com> Fri Oct 06 10:20:53 2017 -0700
committer: Tri Vo <trong@google.com> Fri Oct 06 10:29:03 2017 -0700
tree: 9ee967f1bd57c94432ae74add673594fc1e22086
parent: 5f85a4809944013be57069805f7da1641f27d844 [diff] [blame]
diff --git a/private/app_neverallows.te b/private/app_neverallows.te
index db14f1b..7638d36 100644
--- a/private/app_neverallows.te
+++ b/private/app_neverallows.te

@@ -110,7 +110,7 @@
 # Create a more specific label if needed
 neverallow all_untrusted_apps {
   proc
-  proc_asound_cards
+  proc_asound
   proc_filesystems
   proc_kmsg
   proc_loadavg
commit	464f59ae107f493f244048cb126b32532944e314	[log] [tgz]
author	Tri Vo <trong@google.com>	Fri Oct 06 10:20:53 2017 -0700
committer	Tri Vo <trong@google.com>	Fri Oct 06 10:29:03 2017 -0700
tree	9ee967f1bd57c94432ae74add673594fc1e22086
parent	5f85a4809944013be57069805f7da1641f27d844 [diff] [blame]