From 3198cb5100e1431808897eaa060ed8813001e2c5 Mon Sep 17 00:00:00 2001
From: Woojung Min <wmin@nvidia.com>
Date: Thu, 1 Oct 2015 15:49:32 +0900
Subject: [PATCH] Add audit_read permission to capability2

In kernel 3.18 following error message is seen
since audit_read is added to capability2 at classmap.h
So add audit_read permission to capability2.

SELinux:  Permission audit_read in class capability2 not defined in policy.
SELinux: the above unknown classes and permissions will be denied

The kernel change from AOSP is:
https://android.googlesource.com/kernel/common/+/3a101b8de0d39403b2c7e5c23fd0b005668acf48%5E%21/security/selinux/include/classmap.h

Change-Id: I236fbb8ac575c5cb8df097014da6395e20378175
Signed-off-by: Woojung Min <wmin@nvidia.com>
---
 access_vectors | 1 +
 1 file changed, 1 insertion(+)

diff --git a/access_vectors b/access_vectors
index 5b5b6ad69..ccf70189b 100644
--- a/access_vectors
+++ b/access_vectors
@@ -406,6 +406,7 @@ class capability2
 	syslog
 	wake_alarm
 	block_suspend
+	audit_read
 }
 
 #
-- 
GitLab