From 9aeebe4081bdd6e89652d7d6d2a51d09033b4b0c Mon Sep 17 00:00:00 2001
From: 7Soldier <reg.fm4@gmail.com>
Date: Thu, 16 Jun 2022 08:02:24 +0300
Subject: [PATCH] sdm660-common: sepolicy: Dontaudit crash_dump init ptrace
 denial

Signed-off-by: 7Soldier <reg.fm4@gmail.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
---
 sepolicy/vendor/dontaudit.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/sepolicy/vendor/dontaudit.te b/sepolicy/vendor/dontaudit.te
index 40fae31a..05a17d6d 100644
--- a/sepolicy/vendor/dontaudit.te
+++ b/sepolicy/vendor/dontaudit.te
@@ -26,3 +26,6 @@ dontaudit vendor_pd_mapper self:capability sys_admin;
 dontaudit vendor_toolbox self:capability sys_admin;
 dontaudit vold_prepare_subdirs self:capability sys_admin;
 
+# Neverallow: no domain should be allowed to ptrace init 
+# at system/sepolicy/public/init.te
+dontaudit crash_dump init:process ptrace;