bpfloader: allowing reading proc_bpf:file

(so we can check if we need to change it) Test: TreeHugger Signed-off-by: Maciej Żenczykowski <maze@google.com> Change-Id: I229a772ec6ecebcd8826730af568980f578842ee
2024-03-14 10:47:30 +00:00 · 2024-03-14 10:47:30 +00:00 · 446c8c0837
commit 446c8c0837
parent 43c2a181d0
1 changed files with 1 additions and 1 deletions
--- a/private/bpfloader.te
+++ b/private/bpfloader.te
@ -18,7 +18,7 @@ allow bpfloader self:capability { chown sys_admin net_admin };
 allow bpfloader sysfs_fs_fuse_bpf:file r_file_perms;
-allow bpfloader proc_bpf:file w_file_perms;
+allow bpfloader proc_bpf:file rw_file_perms;
 set_prop(bpfloader, bpf_progs_loaded_prop)