From 7c2ddff90fe36189f3b791d4fe0e1829ccdb8548 Mon Sep 17 00:00:00 2001
From: Elektroschmock <elektroschmock78@googlemail.com>
Date: Mon, 28 Sep 2020 23:12:32 +0200
Subject: [PATCH] sdm660-common: sepolicy: Fix isolated_app denial

avc: denied { setattr } for comm="CrUtilityMain" name="commands.json" dev="mmcblk0p42" ino=1251111 scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c153,c256,c512,c768 tclass=file permissive=0
avc: denied { setattr } for comm="CrUtilityMain" name="commands.json" dev="mmcblk0p42" ino=1251111 scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c153,c256,c512,c768 tclass=file permissive=0
avc: denied { setattr } for comm="CrUtilityMain" name="f2" dev="mmcblk0p42" ino=1251128 scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c153,c256,c512,c768 tclass=file permissive=0
avc: denied { setattr } for comm="CrUtilityMain" name="f2" dev="mmcblk0p42" ino=1251128 scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c153,c256,c512,c768 tclass=file permissive=0

Change-Id: I9a70417149c3239b89cc4266942cb3de4da34a4f
Signed-off-by: pix106 <sbordenave@gmail.com>
---
 sepolicy/vendor/isolated_app.te | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 sepolicy/vendor/isolated_app.te

diff --git a/sepolicy/vendor/isolated_app.te b/sepolicy/vendor/isolated_app.te
new file mode 100644
index 00000000..418e79bc
--- /dev/null
+++ b/sepolicy/vendor/isolated_app.te
@@ -0,0 +1 @@
+allow isolated_app app_data_file:file setattr;