Suppress denial for ueventd to getattr From now on, linker will resolve dir.${section} paths of ld.config.txt. This is added to suppress SELinux denial during resolving /postinstall. Bug: http://b/80422611 Test: on taimen m -j, logcat | grep denied, atest on bionic/linker/tests Change-Id: I12c2bb76d71ae84055b5026933dcaa6ef2808590

commit: d8612deee80b6359010369844a4021f3322e32e8 [log] [tgz]
author: Inseob Kim <inseob@google.com> Tue Jun 19 10:34:15 2018 +0900
committer: Inseob Kim <inseob@google.com> Thu Jun 21 10:31:25 2018 +0900
tree: 5a50a91a9b2cdc8a827000343278bc7373a771a9
parent: e0637cfc8ea0ee920acd1abc90d99d3b686ded20 [diff]
diff --git a/public/ueventd.te b/public/ueventd.te
index 0cac32d..ea73166 100644
--- a/public/ueventd.te
+++ b/public/ueventd.te

@@ -45,6 +45,10 @@
   allow ueventd rootfs:file { r_file_perms execute };
 ')
 
+# Suppress denials for ueventd to getattr /postinstall. This occurs when the
+# linker tries to resolve paths in ld.config.txt.
+dontaudit ueventd postinstall_mnt_dir:dir getattr;
+
 #####
 ##### neverallow rules
 #####
commit	d8612deee80b6359010369844a4021f3322e32e8	[log] [tgz]
author	Inseob Kim <inseob@google.com>	Tue Jun 19 10:34:15 2018 +0900
committer	Inseob Kim <inseob@google.com>	Thu Jun 21 10:31:25 2018 +0900
tree	5a50a91a9b2cdc8a827000343278bc7373a771a9
parent	e0637cfc8ea0ee920acd1abc90d99d3b686ded20 [diff]