Fix SELinux warning when passing fuse FD from system server.

Before applying the CL, Android shows the following error when passing FD of /dev/fuse. > Binder_2: type=1400 audit(0.0:38): avc: denied { getattr } for > path="/dev/fuse" dev="tmpfs" ino=9300 scontext=u:r:system_server:s0 > tcontext=u:object_r:fuse_device:s0 tclass=chr_file permissive=0 Change-Id: I59dec819d79d4e2e1a8e42523b6f521481cb2afd
2016-01-28 15:59:14 +09:00 · 2016-01-28 15:59:14 +09:00 · 59e3d7b42d
commit 59e3d7b42d
parent 0e591bd256
1 changed files with 1 additions and 1 deletions
--- a/system_server.te
+++ b/system_server.te
@ -441,7 +441,7 @@ userdebug_or_eng(`

 # For AppFuse.
 allow system_server vold:fd use;
-allow system_server fuse_device:chr_file { read write ioctl };
+allow system_server fuse_device:chr_file { read write ioctl getattr };

 # Connect to adbd and use a socket transferred from it.
 # Used for e.g. jdwp.