From bcdff890304e694c09bf0a4a90fb76a82434fa57 Mon Sep 17 00:00:00 2001
From: Mark Salyzyn <salyzyn@google.com>
Date: Mon, 1 Sep 2014 11:07:26 -0700
Subject: [PATCH] logd: permit app access to clear logs

I/auditd(19949): type=1400 audit(0.0:71): avc:  denied  { write } for  comm="logcat" name="logd" dev="tmpfs" ino=5924 scontext=u:r:untrusted_app:s0 tcontext=u:object_r:logd_socket:s0 tclass=sock_file

(cherry picked from 60f0be84c0cf3a895c6b95ee8387b71e1b0c6d83)

Bug: 17323719
Change-Id: Id8399195196ffad884eef98030d544c68ed0596f
---
 app.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app.te b/app.te
index ad9cffe11..6c38f10e3 100644
--- a/app.te
+++ b/app.te
@@ -177,6 +177,7 @@ allow appdomain domain:process getattr;
 
 # logd access
 read_logd(appdomain)
+control_logd(appdomain)
 # application inherit logd write socket (urge is to deprecate this long term)
 allow appdomain zygote:unix_dgram_socket write;
 
-- 
GitLab