From fb0863a414edfbf198f48139c3a3ad5f1f7dcb41 Mon Sep 17 00:00:00 2001
From: Max Bires <jbires@google.com>
Date: Tue, 18 Apr 2017 13:03:39 -0700
Subject: [PATCH] Changing ueventd access from vendor_file to vendor_file_type.

This handles any relabeling of vendor_file to a more specific type in
the case of device bringups or future changes to private/file_context
since ueventd will still need read access to all vendor_file's.

Test: Ueventd has read access to any vendor_file_type
Change-Id: I922af54c76d1ef46ea6536e6dc945b37bcc2126a
---
 public/ueventd.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/public/ueventd.te b/public/ueventd.te
index 8ec667e04..1396d62b8 100644
--- a/public/ueventd.te
+++ b/public/ueventd.te
@@ -30,7 +30,7 @@ allow ueventd efs_file:file r_file_perms;
 r_dir_file(ueventd, selinuxfs)
 
 # Access for /vendor/ueventd.rc and /vendor/firmware
-r_dir_file(ueventd, vendor_file)
+r_dir_file(ueventd, { vendor_file_type -vendor_app_file -vendor_overlay_file })
 
 # Get file contexts for new device nodes
 allow ueventd file_contexts_file:file r_file_perms;
-- 
GitLab