From 6e773cd56abff871a9635a037e7c2ff20e8e5826 Mon Sep 17 00:00:00 2001
From: Sooraj S <sooorajjj@gmail.com>
Date: Wed, 11 Nov 2020 17:46:53 +0530
Subject: [PATCH 1/2] sepolicy: allow platform_app rs_exec:file rx_file_perms

foundation.e.camera depend on being able to execute /system/bin/bcc. Allow
it.
---
 common/private/platform_app.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/common/private/platform_app.te b/common/private/platform_app.te
index 1d860b3..9e18c90 100644
--- a/common/private/platform_app.te
+++ b/common/private/platform_app.te
@@ -15,3 +15,4 @@ allow platform_app fuse:fifo_file create;
 allow platform_app app_data_file:fifo_file create;
 allow platform_app app_data_file:fifo_file { read write };
 allow platform_app app_data_file:fifo_file open;
+allow platform_app rs_exec:file rx_file_perms;
-- 
GitLab


From 4fa05d736cf77397c35cba6bbfe2b635716eb3ff Mon Sep 17 00:00:00 2001
From: Alexandre Roux <alexandre.roux.danzi@lostpod.me>
Date: Fri, 7 Aug 2020 07:41:32 +0000
Subject: [PATCH 2/2] sepolicy: allow platform_app access app_data_file

---
 common/private/platform_app.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/common/private/platform_app.te b/common/private/platform_app.te
index 9e18c90..f297e80 100644
--- a/common/private/platform_app.te
+++ b/common/private/platform_app.te
@@ -16,3 +16,6 @@ allow platform_app app_data_file:fifo_file create;
 allow platform_app app_data_file:fifo_file { read write };
 allow platform_app app_data_file:fifo_file open;
 allow platform_app rs_exec:file rx_file_perms;
+
+# Allow platform apps to execute files in /data
+allow platform_app app_data_file:file execute;
-- 
GitLab