Add SELinux policy for using userfaultfd ART runtime will be using userfaultfd for a new heap compaction algorithm. After enabling userfaultfd in android kernels (with SELinux support), the feature needs policy that allows { create ioctl read } operations on userfaultfd file descriptors. Bug: 160737021 Test: Manually tested by exercising userfaultfd ops in ART Change-Id: I9ccb7fa9c25f91915639302715f6197d42ef988e

commit: 06edcd8250a249192981c7fbeea196249394b9ad [log] [tgz]
author: Lokesh Gidra <lokeshgidra@google.com> Thu Mar 11 11:32:47 2021 -0800
committer: Lokesh Gidra <lokeshgidra@google.com> Wed Mar 17 04:57:22 2021 -0700
tree: 14d2d2d49c35789a0bd49b97a642f8d9d303e993
parent: 3d52817da411821e7288c7c9d730fb42fc9a6e64 [diff] [blame]
diff --git a/private/security_classes b/private/security_classes
index 3e9bff0..200b030 100644
--- a/private/security_classes
+++ b/private/security_classes

@@ -15,6 +15,7 @@
 # file-related classes
 class filesystem
 class file
+class anon_inode
 class dir
 class fd
 class lnk_file
commit	06edcd8250a249192981c7fbeea196249394b9ad	[log] [tgz]
author	Lokesh Gidra <lokeshgidra@google.com>	Thu Mar 11 11:32:47 2021 -0800
committer	Lokesh Gidra <lokeshgidra@google.com>	Wed Mar 17 04:57:22 2021 -0700
tree	14d2d2d49c35789a0bd49b97a642f8d9d303e993
parent	3d52817da411821e7288c7c9d730fb42fc9a6e64 [diff] [blame]