Dontaudit denials caused by race with labeling. am: f7ec4138

am: 67057bd9

Change-Id: I030ce633ea9561c2697e4357d159fbaeadd7f378

private/bootanim.te

 typeattribute bootanim coredomain;
 
 init_daemon_domain(bootanim)
+
+# b/68864350
+dontaudit bootanim unlabeled:dir search;

private/bug_map

-bootanim unlabeled dir 68864350
 crash_dump app_data_file dir 68319037
 crash_dump bluetooth_data_file dir 68319037
 crash_dump resourcecache_data_file dir 68319037
 crash_dump system_data_file file 68319037
 crash_dump vendor_overlay_file dir 68319037
 hal_fingerprint_default system_data_file dir 73068008
-hal_graphics_allocator_default unlabeled dir 70180742
-hal_graphics_composer_default unlabeled dir 68864350
 priv_app sysfs dir 72749888
 priv_app sysfs_android_usb file 72749888
 priv_app system_data_file dir 72811052
-surfaceflinger unlabeled dir 68864350
 system_server crash_dump process 73128755
 system_server vendor_framework_file dir 68826235
 untrusted_app_25 system_data_file dir 72550646

private/surfaceflinger.te

@@ -115,3 +115,6 @@ pdx_client(surfaceflinger, performance_client)
 # Do not allow accessing SDcard files as unsafe ejection could
 # cause the kernel to kill the process.
 neverallow surfaceflinger sdcard_type:file rw_file_perms;
+
+# b/68864350
+dontaudit surfaceflinger unlabeled:dir search;

vendor/hal_graphics_allocator_default.te

@@ -3,3 +3,6 @@ hal_server_domain(hal_graphics_allocator_default, hal_graphics_allocator)
 
 type hal_graphics_allocator_default_exec, exec_type, vendor_file_type, file_type;
 init_daemon_domain(hal_graphics_allocator_default)
+
+# b/70180742
+dontaudit hal_graphics_allocator_default unlabeled:dir search;

vendor/hal_graphics_composer_default.te

@@ -3,3 +3,6 @@ hal_server_domain(hal_graphics_composer_default, hal_graphics_composer)
 
 type hal_graphics_composer_default_exec, exec_type, vendor_file_type, file_type;
 init_daemon_domain(hal_graphics_composer_default)
+
+# b/68864350
+dontaudit hal_graphics_composer_default unlabeled:dir search;