SEPolicy changes to allow kcov access in userdebug. This includes the SELinux policy changes to allow for kcov access in userdebug builds for coverage-guided kernel fuzzing. Bug: 117990869 Test: Ran syzkaller with Android untrusted_app sandbox with coverage. Change-Id: I1fcaad447c7cdc2a3360383b5dcd76e8a0f93f09

commit: 55d9096652126b79e8641c52ec31fbe7747073da [log] [tgz]
author: Dan Austin <danielaustin@google.com> Thu Nov 29 10:37:18 2018 -0800
committer: Dan Austin <danielaustin@google.com> Fri Nov 30 10:56:29 2018 -0800
tree: 27d91b47664c95bc32f12fcc1ce18efed49ad23d
parent: 9cded32f6ae2040051e7717e68be956e8c0b1ff4 [diff] [blame]
diff --git a/private/file.te b/private/file.te
index 8d18a90..fd1c2ee 100644
--- a/private/file.te
+++ b/private/file.te

@@ -9,3 +9,7 @@
 
 # /data/misc/perfetto-traces for perfetto traces
 type perfetto_traces_data_file, file_type, data_file_type, core_data_file_type;
+
+# /sys/kernel/debug/kcov for coverage guided kernel fuzzing in userdebug builds.
+type debugfs_kcov, fs_type, debugfs_type;
+
commit	55d9096652126b79e8641c52ec31fbe7747073da	[log] [tgz]
author	Dan Austin <danielaustin@google.com>	Thu Nov 29 10:37:18 2018 -0800
committer	Dan Austin <danielaustin@google.com>	Fri Nov 30 10:56:29 2018 -0800
tree	27d91b47664c95bc32f12fcc1ce18efed49ad23d
parent	9cded32f6ae2040051e7717e68be956e8c0b1ff4 [diff] [blame]