sepolicy: Grant system_server and init access to /proc/pressure/memory am: 251591fa04 am: efd9d3fdb1

am: 50cd647f85 Change-Id: Iab4b3442c6e34595e660a8a4bbd01700eaedcec3
2019-03-29 13:37:17 -07:00 · 2019-03-29 13:37:17 -07:00 · af3639d08a
commit af3639d08a
parent bb9d64da64 50cd647f85
2 changed files with 6 additions and 0 deletions
--- a/private/system_server.te
+++ b/private/system_server.te
@ -1019,6 +1019,9 @@ allow system_server metadata_file:dir search;
 allow system_server password_slot_metadata_file:dir rw_dir_perms;
 allow system_server password_slot_metadata_file:file create_file_perms;

+# Read/Write /proc/pressure/memory
+allow system_server proc_pressure_mem:file rw_file_perms;
+
 # dexoptanalyzer is currently used only for secondary dex files which
 # system_server should never access.
 neverallow system_server dexoptanalyzer_exec:file no_x_file_perms;
--- a/public/init.te
+++ b/public/init.te
@ -554,6 +554,9 @@ allow servicemanager init:binder transfer;
 # Allow calls from init to apexd
 allow init apexd:binder call;

+# Allow init to touch PSI monitors
+allow init proc_pressure_mem:file { rw_file_perms setattr };
+
 ###
 ### neverallow rules
 ###