system_server访问vendor目录selinux问题

场景:PMS(PackageManagerService)需要读取 vendor/system/presetapp 目录下的所有文件

From 5249a3ec20bd32bca34aed5e8da08238f9be9a48 Mon Sep 17 00:00:00 2001
From: kevin.yu 
Date: Thu, 01 Aug 2019 15:33:49 +0800
Subject: [PATCH] [SKYW-19353] add selinux permission for read vendor

Change-Id: I1a4a2aa2c7cc10e406a099a5a89de818ab36111e
---

diff --git a/common/file.te b/common/file.te
index 6018f51..52de5bf 100755
--- a/common/file.te
+++ b/common/file.te
@@ -67,3 +67,6 @@
 # charge_logger file
 type charge_log_file, file_type, data_file_type;
 
+# presetapp file
+type vendor_presetapp_file, vendor_file_type, file_type;
+
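Review bot: Declaring `vendor_presetapp_file` with `vendor_file_type` and then granting it to system_server is likely to collide with the AOSP Treble neverallow that stops coredomain from reading vendor file types outside a short exemption list (vendor_app_file, vendor_overlay_file, vendor_framework_file and a few others). On a full-Treble build that would fail policy compilation or the CTS neverallow checks; whether this device is built that way is not visible here and needs confirming. If the directory only holds preinstalled APKs, labelling it with the existing `vendor_app_file` type in file_contexts would avoid a new type altogether, assuming the platform policy already lets system_server read that type. The comment could also name the consumer, e.g. `# preset apps under /vendor/presetapp, read by system_server (PackageManagerService)`.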
diff --git a/common/file_contexts b/common/file_contexts
index d1e5b3d..5625fa0 100755
--- a/common/file_contexts
+++ b/common/file_contexts
@@ -44,7 +44,7 @@
 
 /dev/socket/msd                                 u:object_r:modemservice_socket:s0
 /dev/socket/msd-debug                           u:object_r:modemservice_socket:s0
-
+/(vendor|system/vendor)/presetapp(/.*)?         u:object_r:vendor_presetapp_file:s0
 /(vendor|system/vendor)/bin/modemservice        u:object_r:modemservice_exec:s0
 /(vendor|system/vendor)/bin/modemservice_test   u:object_r:modemservice_exec:s0
 
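Review bot: The new pattern labels `/vendor/presetapp` and `/system/vendor/presetapp`, but the scenario described above the patch names `vendor/system/presetapp`. If the directory really lives under `/vendor/system/`, this entry never matches, the files keep their default vendor label, and the new system_server rules grant nothing. The on-device path should be confirmed (for example with `ls -Z`) and the regex adjusted if needed. The entry also replaces the blank line that separated the `/dev/socket` entries from the vendor binaries, so keeping a blank line before it would preserve the grouping.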
diff --git a/common/system_server.te b/common/system_server.te
index 2f355bd..f24e031 100755
--- a/common/system_server.te
+++ b/common/system_server.te
@@ -52,3 +52,5 @@
 allow system_server hal_bshealth_hwservice:hwservice_manager find;
 allow system_server hal_bshealth_default:binder call;
 allow system_server hal_bshealth_default:binder transfer;
+allow system_server vendor_presetapp_file:file r_file_perms;
+allow system_server vendor_presetapp_file:dir r_dir_perms;
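Review bot: The two new allow rules have no comment explaining which system_server component needs them, and they are added in common/ while the broad `vendor_file:dir read` rule they appear to replace is removed only from darklighter/, so the grant presumably reaches every product that pulls in common/. A one-line comment such as `# PackageManagerService scans /vendor/presetapp (read-only)` would make the intent auditable. Both rules are read-only and scoped to the dedicated type, which is the right shape. If the directory can contain symlinks, `lnk_file` access is not covered and would surface as an avc denial.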
diff --git a/darklighter/system_server.te b/darklighter/system_server.te
index 6456e3b..7a33dbb 100755
--- a/darklighter/system_server.te
+++ b/darklighter/system_server.te
@@ -19,4 +19,3 @@
 
 allow system_server vendor_usb_prop:file { getattr map open read };
 allow system_server vendor_usb_prop:property_service set;
-allow system_server vendor_file:dir { read };
