platform_system_sepolicy/private/bug_map
Jeff Vander Stoep 1e1a3f7c58 Annotate denials
There is a race condition between when /data is mounted
and when processes attempt to access it. Attempting to access
/data before it's mounted causes an selinux denial. Attribute
these denials to a bug.

07-04 23:48:53.646   503   503 I auditd  : type=1400 audit(0.0:7): avc:
denied { search } for comm="surfaceflinger" name="/" dev="sda35" ino=2
scontext=u:r:surfaceflinger:s0 tcontext=u:object_r:unlabeled:s0
tclass=dir permissive=0
07-15 17:41:18.100   582   582 I auditd  : type=1400 audit(0.0:4): avc:
denied { search } for comm="BootAnimation" name="/" dev="sda35" ino=2
scontext=u:r:bootanim:s0 tcontext=u:object_r:unlabeled:s0 tclass=dir
permissive=0

Bug: 68864350
Test: build
Change-Id: I07f751d54b854bdc72f3e5166442a5e21b3a9bf5
2018-01-16 19:47:36 -08:00

11 lines
460 B
Text

priv_app firstboot_prop file 63801215
vold system_data_file file 62140539
system_server vendor_framework_file dir 68826235
crash_dump app_data_file dir 68319037
crash_dump bluetooth_data_file dir 68319037
crash_dump vendor_overlay_file dir 68319037
statsd statsd capability 71537285
hal_graphics_allocator_default unlabeled dir 70180742
surfaceflinger unlabeled dir 68864350
hal_graphics_composer_default unlabeled dir 68864350
bootanim unlabeled dir 68864350