Merge "Allow reading proc file in crosvm process for reading cpu/mem stat in VM" am: b43e1b1c19 am: 3d9b334391 am: f4337cbd53

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2300539

Change-Id: I6d72bef65aa43bb43cd1f38288a31c88802a2585
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
Seungjae Yoo 2022-11-15 04:44:07 +00:00 committed by Automerger Merge Worker
commit a585dac805

View file

@ -84,6 +84,9 @@ unix_socket_connect(virtualizationservice, tombstoned_crash, tombstoned)
allow virtualizationservice tombstone_data_file:file { append getattr };
allow virtualizationservice tombstoned:fd use;
# Allow reading files under /proc/[crosvm pid]/, for collecting CPU & memory usage inside VM.
r_dir_file(virtualizationservice, crosvm);
neverallow {
domain
-init