Merge "Allow reading proc file in crosvm process for reading cpu/mem stat in VM" am: b43e1b1c19
am: 3d9b334391
am: f4337cbd53
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2300539 Change-Id: I6d72bef65aa43bb43cd1f38288a31c88802a2585 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
This commit is contained in:
commit
a585dac805
1 changed files with 3 additions and 0 deletions
|
@ -84,6 +84,9 @@ unix_socket_connect(virtualizationservice, tombstoned_crash, tombstoned)
|
||||||
allow virtualizationservice tombstone_data_file:file { append getattr };
|
allow virtualizationservice tombstone_data_file:file { append getattr };
|
||||||
allow virtualizationservice tombstoned:fd use;
|
allow virtualizationservice tombstoned:fd use;
|
||||||
|
|
||||||
|
# Allow reading files under /proc/[crosvm pid]/, for collecting CPU & memory usage inside VM.
|
||||||
|
r_dir_file(virtualizationservice, crosvm);
|
||||||
|
|
||||||
neverallow {
|
neverallow {
|
||||||
domain
|
domain
|
||||||
-init
|
-init
|
||||||
|
|
Loading…
Reference in a new issue