Suppress avc denials due to missing kernel config on mixed version boot test auditd : type=1400 audit(0.0:104): avc: denied { write } for comm="Binder:1830_4" name="tasks" dev="tmpfs" ino=16681 scontext=u:r:installd:s0 tcontext=u:object_r:device:s0 tclass=file permissive=0 As described in aosp/1552554, these denials seems to be triggered by timing issues thus being caught by DeviceBootTest. Add these dontaudit lines so these errors don't block normal feature development. Bug: 177187042 Test: SELinuxUncheckedDenialBootTest on S-on-Q device configuration Change-Id: I5e8754aae5a58e26c98c97664eac0fd9febb9d33

commit: f3f4985479536d7466b7954b49d6aac06712a603 [log] [tgz]
author: Yo Chiang <yochiang@google.com> Mon Jan 18 07:15:57 2021 +0000
committer: Yo Chiang <yochiang@google.com> Mon Jan 18 07:16:27 2021 +0000
tree: 85b37f467165f9b16cc5a49bc11aacd6fd83e80f
parent: 442aa0df417a48e85db9e8292d87a0d9405135c5 [diff]
diff --git a/private/installd.te b/private/installd.te
index c89ba8b..b0e38fb 100644
--- a/private/installd.te
+++ b/private/installd.te

@@ -43,3 +43,6 @@
 # Allow installd to delete files in /data/staging
 allow installd staging_data_file:file unlink;
 allow installd staging_data_file:dir { open read remove_name rmdir search write };
+
+# TODO(b/177187042): Remove this when the denials are fixed.
+dontaudit installd device:file write;
\ No newline at end of file
commit	f3f4985479536d7466b7954b49d6aac06712a603	[log] [tgz]
author	Yo Chiang <yochiang@google.com>	Mon Jan 18 07:15:57 2021 +0000
committer	Yo Chiang <yochiang@google.com>	Mon Jan 18 07:16:27 2021 +0000
tree	85b37f467165f9b16cc5a49bc11aacd6fd83e80f
parent	442aa0df417a48e85db9e8292d87a0d9405135c5 [diff]