Merge "dontaudit kernel search allow debugfs"

commit: f43519dad8aa91bbf2f098aca84f050808cb2fa4 [log] [tgz]
author: TreeHugger Robot <treehugger-gerrit@google.com> Thu Feb 09 02:12:22 2023 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> Thu Feb 09 02:12:22 2023 +0000
tree: 66007f52ad2d4d4f271ac30e5fc94953ae5c8855
parent: f60b740692d21562f8baeb277acfcd897eb2e358 [diff]
parent: ac3c24c4f2976b73209e31be0b9cb2db2baf5187 [diff]
diff --git a/tracking_denials/kernel.te b/tracking_denials/kernel.te
index 315f001..6c727b2 100644
--- a/tracking_denials/kernel.te
+++ b/tracking_denials/kernel.te

@@ -2,8 +2,6 @@
 dontaudit kernel same_process_hal_file:file { open };
 dontaudit kernel same_process_hal_file:file { read };
 dontaudit kernel vendor_regmap_debugfs:dir { search };
-# b/261650972
-dontaudit kernel vendor_battery_debugfs:dir { search };
 # b/261933155
 dontaudit kernel vendor_fw_file:file { getattr };
 # b/262794429

diff --git a/vendor/kernel.te b/vendor/kernel.te
index cab39fb..2456a65 100644
--- a/vendor/kernel.te
+++ b/vendor/kernel.te

@@ -3,3 +3,7 @@
 
 # ZRam
 allow kernel per_boot_file:file r_file_perms;
+
+no_debugfs_restriction(`
+  allow kernel vendor_battery_debugfs:dir search;
+')
commit	f43519dad8aa91bbf2f098aca84f050808cb2fa4	[log] [tgz]
author	TreeHugger Robot <treehugger-gerrit@google.com>	Thu Feb 09 02:12:22 2023 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	Thu Feb 09 02:12:22 2023 +0000
tree	66007f52ad2d4d4f271ac30e5fc94953ae5c8855
parent	f60b740692d21562f8baeb277acfcd897eb2e358 [diff]
parent	ac3c24c4f2976b73209e31be0b9cb2db2baf5187 [diff]