From 3bdc0abc680d1b4470b70540202f760a608204ca Mon Sep 17 00:00:00 2001
From: Jeff Sharkey <jsharkey@android.com>
Date: Fri, 3 Apr 2015 09:52:02 -0700
Subject: [PATCH] Apps need more than just search.

avc: denied { getattr } for path="/storage/self" dev="tmpfs" ino=3129 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:mnt_user_file:s0 tclass=dir permissive=0

Change-Id: I802321331e9bd7ae41d3af7ace39364240db6d84
---
 adbd.te | 2 +-
 app.te  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/adbd.te b/adbd.te
index 72deb5026..ba673f400 100644
--- a/adbd.te
+++ b/adbd.te
@@ -91,5 +91,5 @@ allow adbd bootchart_data_file:file r_file_perms;
 # and symlinks to primary storage at places like /storage/sdcard0 and /mnt/user/0/primary
 allow adbd storage_file:dir r_dir_perms;
 allow adbd storage_file:lnk_file r_file_perms;
-allow adbd mnt_user_file:dir search;
+allow adbd mnt_user_file:dir r_dir_perms;
 allow adbd mnt_user_file:lnk_file r_file_perms;
diff --git a/app.te b/app.te
index 52a3bd6a8..5917f7c6d 100644
--- a/app.te
+++ b/app.te
@@ -128,7 +128,7 @@ allow appdomain radio_data_file:file { read write getattr };
 # and symlinks to primary storage at places like /storage/sdcard0 and /mnt/user/0/primary
 allow appdomain storage_file:dir r_dir_perms;
 allow appdomain storage_file:lnk_file r_file_perms;
-allow appdomain mnt_user_file:dir search;
+allow appdomain mnt_user_file:dir r_dir_perms;
 allow appdomain mnt_user_file:lnk_file r_file_perms;
 
 # Read/write visible storage
-- 
GitLab