From b6f2052cd7adf259e4a8f3c51b667f0ba5bb2004 Mon Sep 17 00:00:00 2001
From: Kshitij Gupta <kshitijgm@gmail.com>
Date: Sat, 19 Mar 2022 23:10:00 +0800
Subject: [PATCH] sdm660-common: sepolicy: dontaudit untrusted_app to open
 ashmem_device

- Fixes scroll lag in many apps, such as Twitter:
    W RenderThread: type=1400 audit(0.0:12371): avc: denied { open } for path=/dev/ashmem dev=tmpfs ino=10848 scontext=u:r:untrusted_app:s0:c123,c256,c512,c768 tcontext=u:object_r:ashmem_device:s0 tclass=chr_file permissive=0 app=com.twitter.android
- Apps are no longer allowed open access to /dev/ashmem, unless they
  target API level < Q.
  (https://android.googlesource.com/platform/system/sepolicy/+/8b12ff5f218139102d8eec90c91b114078be4402)

Change-Id: I6405786fea05891642d8437acafcd8c891d75912
Signed-off-by: clarencelol <clarencekuiek@icloud.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
---
 sepolicy/vendor/dontaudit.te | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 sepolicy/vendor/dontaudit.te

diff --git a/sepolicy/vendor/dontaudit.te b/sepolicy/vendor/dontaudit.te
new file mode 100644
index 00000000..2b1c4e1c
--- /dev/null
+++ b/sepolicy/vendor/dontaudit.te
@@ -0,0 +1,3 @@
+# Apps are no longer allowed open access to /dev/ashmem, unless they
+# target API level < Q.
+dontaudit untrusted_app ashmem_device:chr_file open;