From 8758cc5f8b341352e553e62989e7eab57b094e1d Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Thu, 11 Jul 2013 11:30:20 -0700
Subject: [PATCH] domain.te: allow access to
 /sys/kernel/debug/tracing/trace_marker

Bug: 9781325
Change-Id: Ib6f6875f690420b59fceb0a32590a2b9ed8dda95
---
 domain.te | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/domain.te b/domain.te
index 9ca6dc4e6..4cf20eadb 100644
--- a/domain.te
+++ b/domain.te
@@ -108,14 +108,8 @@ r_dir_file(domain, inotify)
 r_dir_file(domain, cgroup)
 
 # debugfs access
-bool debugfs false;
-if (debugfs) {
 allow domain debugfs:dir r_dir_perms;
-allow domain debugfs:file rw_file_perms;
-} else {
-dontaudit domain debugfs:dir r_dir_perms;
-dontaudit domain debugfs:file  rw_file_perms;
-}
+allow domain debugfs:file w_file_perms;
 
 # security files
 allow domain security_file:dir { search getattr };
-- 
GitLab