Revert^2 "Add mmd selinux policies for zram setup"
This reverts commit 43202350fe48962edd00b7ef968175a96b032895
Reason for revert: Roll forward this change with the updated change in
the same topic to address the selinux violation issue.
Bug: 375432644
Bug: 370509309
Test: m; manually verify mmd zram setup works
Change-Id: I1e620ef74a41672682cf5540d90827af7f810269
diff --git a/private/mmd.te b/private/mmd.te
index d299bd8..90510f1 100644
--- a/private/mmd.te
+++ b/private/mmd.te
@@ -13,9 +13,19 @@
add_service(mmd, mmd_service)
binder_use(mmd)
+# Read /proc/swaps
+allow mmd proc_swaps:file r_file_perms;
+
# zram sysfs access
allow mmd sysfs_zram:dir search;
allow mmd sysfs_zram:file rw_file_perms;
# procfs
allow mmd proc_meminfo:file r_file_perms;
+
+# mkswap /dev/block/zram command
+allow mmd block_device:dir search;
+allow mmd swap_block_device:blk_file rw_file_perms;
+
+# swapon syscall
+allow mmd self:capability sys_admin;