From ea51816b1081eb7265e4df96cbe89800cee3f7e5 Mon Sep 17 00:00:00 2001
From: Alice Wang <aliceywang@google.com>
Date: Mon, 4 Sep 2023 12:26:03 +0000
Subject: [PATCH] [avf] Fix warning when runnning Microdroid

This cl fixes the following selinux denial:

09-04 10:15:34.544  3393  3393 W binder:3393_2: type=1400 audit(0.0:17): avc:  denied  { getattr } for  path="socket:[99352]" dev="sockfs" ino=99352 scontext=u:r:virtualizationmanager:s0 tcontext=u:r:adbd:s0 tclass=unix_stream_socket permissive=0

Test: Runs the ServiceVmClientApp
Change-Id: I5f69bc966f8e136dab19d1fdc0bc79190bef5ca5
---
 private/virtualizationmanager.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/private/virtualizationmanager.te b/private/virtualizationmanager.te
index b6bcd9885..36bd4090d 100644
--- a/private/virtualizationmanager.te
+++ b/private/virtualizationmanager.te
@@ -5,7 +5,7 @@ type virtualizationmanager_exec, system_file_type, exec_type, file_type;
 
 # Allow virtualizationmanager to communicate use, read and write over the adb connection.
 allow virtualizationmanager adbd:fd use;
-allow virtualizationmanager adbd:unix_stream_socket { read write };
+allow virtualizationmanager adbd:unix_stream_socket { getattr read write };
 
 # Allow writing VM logs to the shell console
 allow virtualizationmanager devpts:chr_file { read write getattr ioctl };