Add mlstrustedobject to appfuse object type.

To write bytes to appfuse file from priv_app, we need to specify mlstrustedobject. The CL fixes the following denial. type=1400 audit(0.0:77): avc: denied { write } for name="10" dev="fuse" ino=10 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:app_fuse_file:s0 tclass=file permissive=0 BUG=23093747 Change-Id: I9901033bb3349d5def0bd7128db45a1169856dc1
author: Daichi Hirono <hirono@google.com> 2016-03-22 17:14:30 +0900
committer: Nick Kralevich <nnk@google.com> 2016-03-28 00:06:45 +0000
commit: 4d19f98c728373860c5628d46fe5f4d664c601d2 (patch)
tree: e6786e48e023a997cfc0937de8115a6f020b0cef
parent: 0144eedba57cc078112f95ca66d827f98ecf4a5b (diff)
download: sepolicy-4d19f98c728373860c5628d46fe5f4d664c601d2.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/file.te b/file.te
index 640fbe2..b789e36 100644
--- a/file.te
+++ b/file.te
@@ -181,7 +181,7 @@ type bluetooth_efs_file, file_type;
 # Type for fingerprint template file.
 type fingerprintd_data_file, file_type, data_file_type;
 # Type for appfuse file.
-type app_fuse_file, file_type, data_file_type;
+type app_fuse_file, file_type, data_file_type, mlstrustedobject;
 
 # Socket types
 type adbd_socket, file_type;
author	Daichi Hirono <hirono@google.com>	2016-03-22 17:14:30 +0900
committer	Nick Kralevich <nnk@google.com>	2016-03-28 00:06:45 +0000
commit	4d19f98c728373860c5628d46fe5f4d664c601d2 (patch)
tree	e6786e48e023a997cfc0937de8115a6f020b0cef
parent	0144eedba57cc078112f95ca66d827f98ecf4a5b (diff)
download	sepolicy-4d19f98c728373860c5628d46fe5f4d664c601d2.tar.gz