From b5ac55a444eed912ac861a62b5cc06a15423ec50 Mon Sep 17 00:00:00 2001
From: Tom Cherry <tomcherry@google.com>
Date: Wed, 6 May 2020 13:25:28 -0700
Subject: [PATCH] asan_extract: add system_file_type to asan_extract_exec

This is on the system partition and thus must be system_file_type:

neverallow check failed at out/target/product/vsoc_x86/obj_asan/ETC/userdebug_plat_sepolicy.cil_intermediates/userdebug_plat_sepolicy.cil.tmp:7703 from system/sepolicy/public/domain.te:950
  (neverallow coredomain base_typeattr_272 (file (entrypoint)))
      <root>
          allow at out/target/product/vsoc_x86/obj_asan/ETC/userdebug_plat_sepolicy.cil_intermediates/userdebug_plat_sepolicy.cil.tmp:16250
	        (allow asan_extract asan_extract_exec (file (read getattr map execute open entrypoint)))

Bug: 155905226
Test: build without above neverallow error
Change-Id: I6987582fcc013c95efe7e6758d96ec089168ea9d
---
 public/asan_extract.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/public/asan_extract.te b/public/asan_extract.te
index 22da8c152..d8a1b7366 100644
--- a/public/asan_extract.te
+++ b/public/asan_extract.te
@@ -5,7 +5,7 @@
 
 with_asan(`
   type asan_extract, domain, coredomain;
-  type asan_extract_exec, exec_type, file_type;
+  type asan_extract_exec, exec_type, file_type, system_file_type;
 
   # Allow asan_extract to execute itself using #!/system/bin/sh
   allow asan_extract shell_exec:file rx_file_perms;