Read selinux_denial_metadata from /vendor selinux_denial_metadata contains device-specific information, so it is being moved to /vendor. Bug: 5159394 Test: bug information is still preserved in avc logs, e.g. audit(0.0:248): avc: denied { read } for name="u:object_r:vendor_default_prop:s0" dev="tmpfs" ino=18012 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:vendor_default_prop:s0 tclass=file permissive=0 b/79617173 app=com.android.systemui Change-Id: I23293e715b5d793a54466a128ccd57f44370cf5a

commit: 66d7b616d1b883e158e295fdc284561d33ea4a29 [log] [tgz]
author: Tri Vo <trong@google.com> Wed Jan 23 09:58:35 2019 -0800
committer: Tri Vo <trong@google.com> Wed Jan 23 09:58:37 2019 -0800
tree: 829212d6b17de06696393052fb735b669c20015e
parent: 9fbe1221d9e6aab7ba88353e4e962aea22f68448 [diff]
diff --git a/logd/LogAudit.cpp b/logd/LogAudit.cpp
index 470ffed..a21555c 100644
--- a/logd/LogAudit.cpp
+++ b/logd/LogAudit.cpp

@@ -111,7 +111,7 @@
 }
 
 std::map<std::string, std::string> LogAudit::populateDenialMap() {
-    std::ifstream bug_file("/system/etc/selinux/selinux_denial_metadata");
+    std::ifstream bug_file("/vendor/etc/selinux/selinux_denial_metadata");
     std::string line;
     // allocate a map for the static map pointer in auditParse to keep track of,
     // this function only runs once
commit	66d7b616d1b883e158e295fdc284561d33ea4a29	[log] [tgz]
author	Tri Vo <trong@google.com>	Wed Jan 23 09:58:35 2019 -0800
committer	Tri Vo <trong@google.com>	Wed Jan 23 09:58:37 2019 -0800
tree	829212d6b17de06696393052fb735b669c20015e
parent	9fbe1221d9e6aab7ba88353e4e962aea22f68448 [diff]