From f9c741b86042f0fd9eb980b12f10b72719685936 Mon Sep 17 00:00:00 2001
From: Andreas Gampe <agampe@google.com>
Date: Fri, 12 Aug 2016 19:37:59 -0700
Subject: [PATCH] sepolicy: give otapreopt getattr

(cherry picked from commit 88c514658544c3bf157d6b597c7ccfa7f3c17293)

Allow the otapreopt rename script to read file attributes. This is
being used to print the aggregate artifact size for diagnostic
purposes.

Bug: 30832951
Change-Id: Iee410adf59dcbb74fa4b49edb27d028025cd8bf9
---
 otapreopt_slot.te | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/otapreopt_slot.te b/otapreopt_slot.te
index b68b399d7..2f4da0a12 100644
--- a/otapreopt_slot.te
+++ b/otapreopt_slot.te
@@ -11,8 +11,9 @@ type otapreopt_slot_exec, exec_type, file_type;
 init_daemon_domain(otapreopt_slot)
 
 # The otapreopt_slot renames the OTA dalvik-cache to the regular dalvik-cache, and cleans up
-# the directory afterwards.
+# the directory afterwards. For logging of aggregate size, we need getattr.
 allow otapreopt_slot ota_data_file:dir { rw_dir_perms rename reparent rmdir };
+allow otapreopt_slot ota_data_file:file { getattr };
 
 # Delete old content of the dalvik-cache.
 allow otapreopt_slot dalvikcache_data_file:dir { add_name getattr open read remove_name rmdir search write };
-- 
GitLab