
Getting avc: denied error (SEPolicy) while copying from sdcard directory to cache/SH_DIR

Error:

type=1400 audit(1623259119.150:7): avc: denied { search } for pid=2780 comm="xyz" name="default" dev="tmpfs" ino=7420 scontext=u:r:aaa_bbb:s0

Code logic:

    #include <stdio.h>
    #include <stdlib.h>

    int main(void)
    {
        FILE *sourceFile;
        FILE *destFile;
        char sourcePath[100] = "/storage/emulated/0/test.txt";
        /* Note: this is a directory path; fopen() with "w" needs a file path */
        char destPath[100] = "/cache/SH_DIR/";
        int ch; /* int, not char, so the comparison with EOF is reliable */

        printf("Enter source file path: %s", sourcePath);
        printf("Enter destination file path:%s ", destPath);

        sourceFile = fopen(sourcePath, "r");
        destFile   = fopen(destPath, "w");

        if (sourceFile == NULL || destFile == NULL)
        {
            printf("\nUnable to open file.\n");
            printf("Please check if file exists and you have read/write privilege.\n");
            exit(EXIT_FAILURE);
        }

        ch = fgetc(sourceFile);
        while (ch != EOF)
        {
            /* Write to destination file */
            fputc(ch, destFile);

            /* Read next character from source file */
            ch = fgetc(sourceFile);
        }

        printf("\nFiles copied successfully.\n");

        /* Finally close files to release resources */
        fclose(sourceFile);
        fclose(destFile);

        return 0;
    }

Registration file in SEPOLICY:

AOSP/vendor/.../sepolicy/file_contexts:

    /cache/SH_DIR(/.*)? u:object_r:ccc_downloaded_sw_file:s0

filename.te:

    allow filename ccc_downloaded_sw_file:dir { open search read write getattr add_name remove_name };
    allow filename ccc_downloaded_sw_file:file { open read create write unlink append getattr setattr };

Can you please help me understand why I am unable to copy the file from source to destination?

GNK

1 Answer

If the /cache partition is mounted as tmpfs, you need to add:

    allow filename tmpfs_t:dir { open search read write getattr add_name remove_name };
    allow filename tmpfs_t:file { open read create write unlink append getattr setattr };

St0rm
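
An added example (not code from the question or the answer): a small Python parser that turns an `avc: denied` record into the matching `allow` rule and reports when the record lacks `tcontext` or `tclass`, as the line posted in the question does. The appended `tcontext`/`tclass` values and the type `example_type` are constructed for illustration.

```python
import re

# key=value fields of a kernel AVC record; values may be double-quoted.
_FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')
_PERMS = re.compile(r'avc:\s+denied\s+\{([^}]*)\}')


def parse_avc(line):
    """Return a dict for one 'avc: denied' line, or None if it is not one."""
    m = _PERMS.search(line)
    if not m:
        return None
    rec = {k: v.strip('"') for k, v in _FIELD.findall(line[m.end():])}
    rec["perms"] = m.group(1).split()
    return rec


def sel_type(context):
    """Extract the type from a user:role:type:level[:categories] context."""
    parts = context.split(":")
    if len(parts) < 4:
        raise ValueError("malformed context: %r" % context)
    return parts[2]


def to_allow(rec):
    """Build the allow rule for a denial, or name the fields that are missing."""
    missing = [f for f in ("scontext", "tcontext", "tclass") if f not in rec]
    if missing:
        return "# incomplete denial, missing: " + ", ".join(missing)
    perms = " ".join(sorted(rec["perms"]))
    return "allow %s %s:%s { %s };" % (
        sel_type(rec["scontext"]), sel_type(rec["tcontext"]), rec["tclass"], perms)


# The denial exactly as posted in the question (it stops after scontext).
POSTED = ('type=1400 audit(1623259119.150:7): avc: denied { search } for pid=2780 '
          'comm="xyz" name="default" dev="tmpfs" ino=7420 scontext=u:r:aaa_bbb:s0')
# Constructed sample: the same line with hypothetical tcontext/tclass appended.
CONSTRUCTED = POSTED + ' tcontext=u:object_r:example_type:s0 tclass=dir permissive=0'

if __name__ == "__main__":
    for line in (POSTED, CONSTRUCTED):
        print(to_allow(parse_avc(line)))
```

The target type and class of a rule come from `tcontext` and `tclass`, so the full denial line is needed before a rule can be derived from it.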