From bf863dbffca4a140dd1ec715e5ee44a7bd3f9cbe Mon Sep 17 00:00:00 2001
From: bohu <bohu@google.com>
Date: Tue, 19 Apr 2016 15:04:58 -0700
Subject: [PATCH] Fix emulator specific SELinux denials related to qemu.gles

init: avc:  denied  { set } for property=qemu.gles pid=108 uid=1003 gid=1003 scontext=u:r:bootanim:s0 tcontext=u:object_r:qemu_prop:s0 tclass=property_service permissive=1
init: avc:  denied  { set } for property=qemu.gles pid=75 uid=0 gid=0 scontext=u:r:zygote:s0 tcontext=u:object_r:qemu_prop:s0 tclass=property_service permissive=1

bug: 28221393
Change-Id: Icb0ee7fbf9a7b985f66fac087a48d9b5789e2b67
---
 target/board/generic/sepolicy/bootanim.te | 2 ++
 target/board/generic/sepolicy/zygote.te   | 1 +
 2 files changed, 3 insertions(+)
 create mode 100644 target/board/generic/sepolicy/zygote.te

diff --git a/target/board/generic/sepolicy/bootanim.te b/target/board/generic/sepolicy/bootanim.te
index d6506e11d..b4b1eef83 100644
--- a/target/board/generic/sepolicy/bootanim.te
+++ b/target/board/generic/sepolicy/bootanim.te
@@ -1,2 +1,4 @@
 allow bootanim self:process execmem;
 allow bootanim ashmem_device:chr_file execute;
+
+set_prop(bootanim, qemu_prop)
diff --git a/target/board/generic/sepolicy/zygote.te b/target/board/generic/sepolicy/zygote.te
new file mode 100644
index 000000000..a90f02b1a
--- /dev/null
+++ b/target/board/generic/sepolicy/zygote.te
@@ -0,0 +1 @@
+set_prop(zygote, qemu_prop)