dontaudit denial on the odex file of location provider.
Bug: 194054685
Test: Presubmits
Change-Id: Ia636f7b32251c3b8cb018fee9216e5968d4e95ff
diff --git a/private/bug_map b/private/bug_map
index de7a4b5..5b042ae 100644
--- a/private/bug_map
+++ b/private/bug_map
@@ -25,7 +25,6 @@
netd untrusted_app_27 unix_stream_socket b/77870037
netd untrusted_app_29 unix_stream_socket b/77870037
platform_app nfc_data_file dir b/74331887
-system_server apex_art_data_file file b/194054685
system_server crash_dump process b/73128755
system_server overlayfs_file file b/142390309
system_server sdcardfs file b/77856826
diff --git a/private/system_server.te b/private/system_server.te
index fa66ff1..682be60 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -76,6 +76,12 @@
allow system_server { apex_art_data_file dalvikcache_data_file }:dir r_dir_perms;
allow system_server { apex_art_data_file dalvikcache_data_file }:file r_file_perms;
+# Ignore the denial on `system@framework@com.android.location.provider.jar@classes.odex`.
+# `com.android.location.provider.jar` happens to be both a jar on system server classpath and a
+# shared library used by a system server app. The odex file is loaded fine by Zygote when it forks
+# system_server. It fails to be loaded when the jar is used as a shared library, which is expected.
+dontaudit system_server apex_art_data_file:file execute;
+
# For release odex/vdex compress blocks
allowxperm system_server dalvikcache_data_file:file ioctl {
F2FS_IOC_RELEASE_COMPRESS_BLOCKS