From fde3e6a0f72452c2b6c9b1da9777e60b27c3d8ea Mon Sep 17 00:00:00 2001
From: Jeff Vander Stoep <jeffv@google.com>
Date: Fri, 13 Apr 2018 14:33:32 -0700
Subject: [PATCH] tombstoned: allow unlinking anr files

Tombstoned unlinks "trace_XX" files if there are too many of them.

avc: denied { unlink } for comm="tombstoned" name="trace_12"
scontext=u:r:tombstoned:s0 tcontext=u:object_r:anr_data_file:s0
tclass=file

Bug: 77970585
Test: Build/boot taimen. adb root; sigquit an app.

(cherry picked from commit eb8f938fd45038e70621d4e0a1c7e9b14e344698)

Change-Id: I2f29d12f747d688f8f4e06b48cf72c5109adc2ae
---
 public/tombstoned.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/public/tombstoned.te b/public/tombstoned.te
index cf3ddcba9..1dfcf504f 100644
--- a/public/tombstoned.te
+++ b/public/tombstoned.te
@@ -19,4 +19,4 @@ auditallow tombstoned anr_data_file:file { append write };
 # Changes for the new stack dumping mechanism. Each trace goes into a
 # separate file, and these files are managed by tombstoned.
 allow tombstoned anr_data_file:dir rw_dir_perms;
-allow tombstoned anr_data_file:file { getattr open create };
+allow tombstoned anr_data_file:file { create getattr open unlink };
-- 
GitLab