Merge "Allow reading proc file in crosvm process for reading cpu/mem stat in VM" am: b43e1b1c19
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2300539 Change-Id: I0981485fb364b89e3a697d263d8323126ac7837c Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
Seungjae Yoo
Automerger Merge Worker
commit
3d9b334391
1 changed files with 3 additions and 0 deletions
|
|
@ -84,6 +84,9 @@ unix_socket_connect(virtualizationservice, tombstoned_crash, tombstoned)
|
|||
allow virtualizationservice tombstone_data_file:file { append getattr };
|
||||
allow virtualizationservice tombstoned:fd use;
|
||||
|
||||
# Allow reading files under /proc/[crosvm pid]/, for collecting CPU & memory usage inside VM.
|
||||
r_dir_file(virtualizationservice, crosvm);
|
||||
|
||||
neverallow {
|
||||
domain
|
||||
-init
|
||||
|
|
|
|||
Loading…
Reference in a new issue