Allow dumpstate to read some directories. This prevents denials while taking a bugreport. Bug: 116711254 Test: cts-tradefed run cts -m CtsSecurityHostTestCases -t android.security.cts.SELinuxHostTest#testNoBugreportDenials Change-Id: I64f441eb66c355d03eaf7755f2e9d3e970305ecd

commit: 886ba9c9ff8ea118b7eadbd19d3a7048358ba5c8 [log] [tgz]
author: Joel Galenson <jgalenson@google.com> Mon Jan 07 12:45:56 2019 -0800
committer: Joel Galenson <jgalenson@google.com> Mon Jan 07 12:45:56 2019 -0800
tree: 4f0c4e115bf5ab01b30c41fad624078475bb7db0
parent: 34bd20fbdd76f11d05aff58c5acdf6e24293b638 [diff]
diff --git a/public/dumpstate.te b/public/dumpstate.te
index 1c8bbb1..39ef87d 100644
--- a/public/dumpstate.te
+++ b/public/dumpstate.te

@@ -205,6 +205,9 @@
   allow dumpstate misc_logd_file:file r_file_perms;
 ')
 
+allow dumpstate app_fuse_file:dir r_dir_perms;
+allow dumpstate overlayfs_file:dir r_dir_perms;
+
 allow dumpstate {
   service_manager_type
   -apex_service
commit	886ba9c9ff8ea118b7eadbd19d3a7048358ba5c8	[log] [tgz]
author	Joel Galenson <jgalenson@google.com>	Mon Jan 07 12:45:56 2019 -0800
committer	Joel Galenson <jgalenson@google.com>	Mon Jan 07 12:45:56 2019 -0800
tree	4f0c4e115bf5ab01b30c41fad624078475bb7db0
parent	34bd20fbdd76f11d05aff58c5acdf6e24293b638 [diff]