Allow sdcardd tmpfs read access.

Address the following denial: type=1400 audit(1453854842.899:7): avc: denied { search } for pid=1512 comm="sdcard" name="/" dev="tmpfs" ino=7547 scontext=u:r:sdcardd:s0 tcontext=u:object_r:tmpfs:s0 tclass=dir permissive=0 vold: EmulatedVolume calls sdcard to mount on /storage/emulated. Bug: 26807309 Change-Id: Ifdd7c356589f95165bba489dd06282a4087e9aee

Allow sdcardd tmpfs read access.
db559a34 · dcashman · 98f60e5c · db559a34
Commit db559a34 authored 9 years ago by dcashman
--- a/sdcardd.te
+++ b/sdcardd.te
@@ -4,6 +4,7 @@ type sdcardd_exec, exec_type, file_type;
 allow sdcardd cgroup:dir create_dir_perms;
 allow sdcardd fuse_device:chr_file rw_file_perms;
 allow sdcardd rootfs:dir mounton;  # TODO: deprecated in M
+allow sdcardd tmpfs:dir r_dir_perms;
 allow sdcardd mnt_media_rw_file:dir r_dir_perms;
 allow sdcardd storage_file:dir search;
 allow sdcardd storage_stub_file:dir { search mounton };