From 57b2e8cd01fb556322cba6725b3df037ec12f743 Mon Sep 17 00:00:00 2001
From: Tri Vo <trong@google.com>
Date: Wed, 23 Jan 2019 09:58:35 -0800
Subject: [PATCH] Read selinux_denial_metadata from /vendor

selinux_denial_metadata contains device-specific information, so it is
being moved to /vendor.

Bug: 5159394
Test: bug information is still preserved in avc logs, e.g.
audit(0.0:248): avc: denied { read } for
name="u:object_r:vendor_default_prop:s0" dev="tmpfs" ino=18012
scontext=u:r:platform_app:s0:c512,c768
tcontext=u:object_r:vendor_default_prop:s0 tclass=file permissive=0
b/79617173 app=com.android.systemui
Change-Id: I23293e715b5d793a54466a128ccd57f44370cf5a
---
 logd/LogAudit.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/logd/LogAudit.cpp b/logd/LogAudit.cpp
index 470ffedee..a21555c08 100644
--- a/logd/LogAudit.cpp
+++ b/logd/LogAudit.cpp
@@ -111,7 +111,7 @@ static inline bool hasMetadata(char* str, int str_len) {
 }
 
 std::map<std::string, std::string> LogAudit::populateDenialMap() {
-    std::ifstream bug_file("/system/etc/selinux/selinux_denial_metadata");
+    std::ifstream bug_file("/vendor/etc/selinux/selinux_denial_metadata");
     std::string line;
     // allocate a map for the static map pointer in auditParse to keep track of,
     // this function only runs once