zygote: Add setattr permission to cgroup Credit to Himanshu Agrawal <quic_hagraw@quicinc.com> for this fix. Like we do with cgroup_v2, we set attribute permission to cgroup as well. This is the same fix as https://android-review.googlesource.com/c/platform/system/sepolicy/+/1927857/ but it applies it to the prebuilts for api 32.0. Test: On a Go device, which uses cgroup instead of cgroup_v2 Bug: 211037424, 211514318 Change-Id: Ib57c94d72d50317619aa513e9f784582e0c45862

commit: 2b95a08c99a290982d178651f095c1c1db65c2f1 [log] [tgz]
author: Greg Kaiser <gkaiser@google.com> Thu Dec 16 14:14:29 2021 -0800
committer: Greg Kaiser <gkaiser@google.com> Mon Dec 20 15:21:26 2021 -0800
tree: 36096ddd83926c48918a60816583a83db2eeef95
parent: 76867eabd1074454d39810ec08cde13b4895689e [diff]
diff --git a/prebuilts/api/32.0/private/zygote.te b/prebuilts/api/32.0/private/zygote.te
index 090e121..743647e 100644
--- a/prebuilts/api/32.0/private/zygote.te
+++ b/prebuilts/api/32.0/private/zygote.te

@@ -112,7 +112,7 @@
 
 # Control cgroups.
 allow zygote cgroup:dir create_dir_perms;
-allow zygote cgroup:{ file lnk_file } r_file_perms;
+allow zygote cgroup:{ file lnk_file } { r_file_perms setattr };
 allow zygote cgroup_v2:dir create_dir_perms;
 allow zygote cgroup_v2:{ file lnk_file } { r_file_perms setattr };
 allow zygote self:global_capability_class_set sys_admin;
commit	2b95a08c99a290982d178651f095c1c1db65c2f1	[log] [tgz]
author	Greg Kaiser <gkaiser@google.com>	Thu Dec 16 14:14:29 2021 -0800
committer	Greg Kaiser <gkaiser@google.com>	Mon Dec 20 15:21:26 2021 -0800
tree	36096ddd83926c48918a60816583a83db2eeef95
parent	76867eabd1074454d39810ec08cde13b4895689e [diff]