Merge "Allow neuralnetworks hal service to read files from /sdcard"
diff --git a/prebuilts/api/29.0/private/genfs_contexts b/prebuilts/api/29.0/private/genfs_contexts
index b737f60..380d4a0 100644
--- a/prebuilts/api/29.0/private/genfs_contexts
+++ b/prebuilts/api/29.0/private/genfs_contexts
@@ -234,6 +234,7 @@
genfscon tracefs /events/kmem/rss_stat/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/kmem/ion_heap_grow/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/kmem/ion_heap_shrink/ u:object_r:debugfs_tracing:s0
+genfscon tracefs /events/ion/ion_stat/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/mm_event/mm_event_record/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/oom/oom_score_adj_update/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/task/task_rename/ u:object_r:debugfs_tracing:s0
@@ -278,6 +279,7 @@
genfscon debugfs /tracing/events/kmem/rss_stat/ u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/events/kmem/ion_heap_grow/ u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/events/kmem/ion_heap_shrink/ u:object_r:debugfs_tracing:s0
+genfscon debugfs /tracing/events/ion/ion_stat/ u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/events/mm_event/mm_event_record/ u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/events/oom/oom_score_adj_update/ u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/events/task/task_rename/ u:object_r:debugfs_tracing:s0
diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index 8557aea..b7d6b66 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -21,6 +21,7 @@
atrace
binder_calls_stats_service
biometric_service
+ boot_status_prop
bootloader_boot_reason_prop
blank_screen
blank_screen_exec
diff --git a/private/compat/27.0/27.0.ignore.cil b/private/compat/27.0/27.0.ignore.cil
index e41ee74..3fdb0b4 100644
--- a/private/compat/27.0/27.0.ignore.cil
+++ b/private/compat/27.0/27.0.ignore.cil
@@ -23,6 +23,7 @@
blank_screen
blank_screen_exec
blank_screen_tmpfs
+ boot_status_prop
bootloader_boot_reason_prop
bluetooth_a2dp_offload_prop
bpfloader
diff --git a/private/compat/29.0/29.0.cil b/private/compat/29.0/29.0.cil
index 410d8e4..26a2d34 100644
--- a/private/compat/29.0/29.0.cil
+++ b/private/compat/29.0/29.0.cil
@@ -1205,7 +1205,7 @@
(typeattributeset exported2_vold_prop_29_0 (exported2_vold_prop vold_config_prop))
(typeattributeset exported3_default_prop_29_0 (exported3_default_prop))
(typeattributeset exported3_radio_prop_29_0 (exported3_radio_prop))
-(typeattributeset exported3_system_prop_29_0 (exported3_system_prop))
+(typeattributeset exported3_system_prop_29_0 (exported3_system_prop boot_status_prop))
(typeattributeset exported_audio_prop_29_0 (exported_audio_prop))
(typeattributeset exported_bluetooth_prop_29_0 (exported_bluetooth_prop))
(typeattributeset exported_config_prop_29_0 (exported_config_prop))
diff --git a/private/domain.te b/private/domain.te
index 2369e55..5b6dd80 100644
--- a/private/domain.te
+++ b/private/domain.te
@@ -72,6 +72,7 @@
# For now, everyone can access core property files
# Device specific properties are not granted by default
not_compatible_property(`
+ get_prop(domain, boot_status_prop)
get_prop(domain, core_property_type)
get_prop(domain, dalvik_config_prop)
get_prop(domain, exported_ffs_prop)
@@ -86,6 +87,7 @@
get_prop(domain, vold_config_prop)
')
compatible_property_only(`
+ get_prop({coredomain appdomain shell}, boot_status_prop)
get_prop({coredomain appdomain shell}, core_property_type)
get_prop({coredomain appdomain shell}, dalvik_config_prop)
get_prop({coredomain appdomain shell}, exported_ffs_prop)
diff --git a/private/genfs_contexts b/private/genfs_contexts
index d4d7fff..b423e64 100644
--- a/private/genfs_contexts
+++ b/private/genfs_contexts
@@ -241,6 +241,7 @@
genfscon tracefs /events/kmem/rss_stat/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/kmem/ion_heap_grow/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/kmem/ion_heap_shrink/ u:object_r:debugfs_tracing:s0
+genfscon tracefs /events/ion/ion_stat/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/mm_event/mm_event_record/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/oom/oom_score_adj_update/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/task/task_rename/ u:object_r:debugfs_tracing:s0
@@ -285,6 +286,7 @@
genfscon debugfs /tracing/events/kmem/rss_stat/ u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/events/kmem/ion_heap_grow/ u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/events/kmem/ion_heap_shrink/ u:object_r:debugfs_tracing:s0
+genfscon debugfs /tracing/events/ion/ion_stat/ u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/events/mm_event/mm_event_record/ u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/events/oom/oom_score_adj_update/ u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/events/task/task_rename/ u:object_r:debugfs_tracing:s0
diff --git a/private/property_contexts b/private/property_contexts
index 93aebe1..fff39d1 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -263,67 +263,77 @@
camera.disable_zsl_mode u:object_r:exported3_default_prop:s0 exact bool
camera.fifo.disable u:object_r:exported3_default_prop:s0 exact int
-dalvik.vm.appimageformat u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.backgroundgctype u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.boot-dex2oat-cpu-set u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.boot-dex2oat-threads u:object_r:dalvik_config_prop:s0 exact int
-dalvik.vm.boot-image u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.checkjni u:object_r:dalvik_config_prop:s0 exact bool
-dalvik.vm.dex2oat-Xms u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.dex2oat-Xmx u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.dex2oat-cpu-set u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.dex2oat-filter u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.dex2oat-flags u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.dex2oat-threads u:object_r:dalvik_config_prop:s0 exact int
-dalvik.vm.dex2oat64.enabled u:object_r:dalvik_config_prop:s0 exact bool
-dalvik.vm.dexopt.secondary u:object_r:dalvik_config_prop:s0 exact bool
-dalvik.vm.execution-mode u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.extra-opts u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.foreground-heap-growth-multiplier u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.gctype u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.heapgrowthlimit u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.heapmaxfree u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.heapminfree u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.heapsize u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.heapstartsize u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.heaptargetutilization u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.hot-startup-method-samples u:object_r:dalvik_config_prop:s0 exact int
-dalvik.vm.image-dex2oat-Xms u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.image-dex2oat-Xmx u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.image-dex2oat-cpu-set u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.image-dex2oat-filter u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.image-dex2oat-flags u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.image-dex2oat-threads u:object_r:dalvik_config_prop:s0 exact int
-dalvik.vm.isa.arm.features u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.isa.arm.variant u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.isa.arm64.features u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.isa.arm64.variant u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.isa.mips.features u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.isa.mips.variant u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.isa.mips64.features u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.isa.mips64.variant u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.isa.unknown.features u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.isa.unknown.variant u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.isa.x86.features u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.isa.x86.variant u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.isa.x86_64.features u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.isa.x86_64.variant u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.jitinitialsize u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.jitmaxsize u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.jitprithreadweight u:object_r:dalvik_config_prop:s0 exact int
-dalvik.vm.jitthreshold u:object_r:dalvik_config_prop:s0 exact int
-dalvik.vm.jittransitionweight u:object_r:dalvik_config_prop:s0 exact int
-dalvik.vm.jniopts u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.lockprof.threshold u:object_r:dalvik_config_prop:s0 exact int
-dalvik.vm.method-trace u:object_r:dalvik_config_prop:s0 exact bool
-dalvik.vm.method-trace-file u:object_r:dalvik_config_prop:s0 exact string
-dalvik.vm.method-trace-file-siz u:object_r:dalvik_config_prop:s0 exact int
-dalvik.vm.method-trace-stream u:object_r:dalvik_config_prop:s0 exact bool
-dalvik.vm.profilesystemserver u:object_r:dalvik_config_prop:s0 exact bool
-dalvik.vm.profilebootclasspath u:object_r:dalvik_config_prop:s0 exact bool
-dalvik.vm.usejit u:object_r:dalvik_config_prop:s0 exact bool
-dalvik.vm.usejitprofiles u:object_r:dalvik_config_prop:s0 exact bool
-dalvik.vm.zygote.max-boot-retry u:object_r:dalvik_config_prop:s0 exact int
+# Should always_debuggable be bool? It's checked against the string "1".
+dalvik.vm.always_debuggable u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.appimageformat u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.backgroundgctype u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.boot-dex2oat-cpu-set u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.boot-dex2oat-threads u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.boot-image u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.checkjni u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.dex2oat-Xms u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.dex2oat-Xmx u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.dex2oat-cpu-set u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.dex2oat-filter u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.dex2oat-flags u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.dex2oat-max-image-block-size u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.dex2oat-minidebuginfo u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.dex2oat-resolve-startup-strings u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.dex2oat-threads u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.dex2oat-updatable-bcp-packages-file u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.dex2oat-very-large u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.dex2oat-swap u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.dex2oat64.enabled u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.dexopt.secondary u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.execution-mode u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.extra-opts u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.foreground-heap-growth-multiplier u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.gctype u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.heapgrowthlimit u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.heapmaxfree u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.heapminfree u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.heapsize u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.heapstartsize u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.heaptargetutilization u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.hot-startup-method-samples u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.image-dex2oat-Xms u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.image-dex2oat-Xmx u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.image-dex2oat-cpu-set u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.image-dex2oat-filter u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.image-dex2oat-flags u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.image-dex2oat-threads u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.isa.arm.features u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.arm.variant u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.arm64.features u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.arm64.variant u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.mips.features u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.mips.variant u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.mips64.features u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.mips64.variant u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.unknown.features u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.unknown.variant u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.x86.features u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.x86.variant u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.x86_64.features u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.isa.x86_64.variant u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.jitinitialsize u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.jitmaxsize u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.jitprithreadweight u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.jitthreshold u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.jittransitionweight u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.jniopts u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.lockprof.threshold u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.method-trace u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.method-trace-file u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.method-trace-file-siz u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.method-trace-stream u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.profilesystemserver u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.profilebootclasspath u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.restore-dex2oat-cpu-set u:object_r:dalvik_config_prop:s0 exact string
+dalvik.vm.restore-dex2oat-threads u:object_r:dalvik_config_prop:s0 exact int
+dalvik.vm.usejit u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.usejitprofiles u:object_r:dalvik_config_prop:s0 exact bool
+dalvik.vm.zygote.max-boot-retry u:object_r:dalvik_config_prop:s0 exact int
drm.service.enabled u:object_r:exported3_default_prop:s0 exact bool
@@ -499,13 +509,13 @@
# vendor-init-readable
apexd.status u:object_r:apexd_prop:s0 exact enum starting activated ready
-dev.bootcomplete u:object_r:exported3_system_prop:s0 exact bool
+dev.bootcomplete u:object_r:boot_status_prop:s0 exact bool
+sys.boot_completed u:object_r:boot_status_prop:s0 exact bool
persist.sys.device_provisioned u:object_r:exported3_system_prop:s0 exact string
persist.sys.theme u:object_r:theme_prop:s0 exact string
persist.sys.usb.usbradio.config u:object_r:exported3_system_prop:s0 exact string
-sys.boot_completed u:object_r:exported3_system_prop:s0 exact bool
sys.retaildemo.enabled u:object_r:exported3_system_prop:s0 exact int
sys.user.0.ce_available u:object_r:exported3_system_prop:s0 exact bool
sys.vdso u:object_r:exported3_system_prop:s0 exact string
@@ -724,6 +734,7 @@
ro.kernel.qemu u:object_r:exported_default_prop:s0 exact bool
ro.kernel.qemu. u:object_r:exported_default_prop:s0
ro.kernel.android.bootanim u:object_r:exported_default_prop:s0 exact int
+ro.kernel.ebpf.supported u:object_r:exported_default_prop:s0 exact bool
ro.odm.build.date u:object_r:exported_default_prop:s0 exact string
ro.odm.build.date.utc u:object_r:exported_default_prop:s0 exact int
diff --git a/private/seapp_contexts b/private/seapp_contexts
index 99d1e6c..1bad9c1 100644
--- a/private/seapp_contexts
+++ b/private/seapp_contexts
@@ -153,7 +153,7 @@
user=webview_zygote seinfo=webview_zygote domain=webview_zygote
user=_isolated domain=isolated_app levelFrom=all
user=_app seinfo=app_zygote domain=app_zygote levelFrom=all
-user=_app seinfo=media domain=mediaprovider type=app_data_file levelFrom=user
+user=_app seinfo=media domain=mediaprovider name=android.process.media type=app_data_file levelFrom=user
user=_app seinfo=platform domain=platform_app type=app_data_file levelFrom=user
user=_app isEphemeralApp=true domain=ephemeral_app type=app_data_file levelFrom=all
user=_app isPrivApp=true domain=priv_app type=privapp_data_file levelFrom=user
diff --git a/private/surfaceflinger.te b/private/surfaceflinger.te
index 373889c..cf709df 100644
--- a/private/surfaceflinger.te
+++ b/private/surfaceflinger.te
@@ -51,10 +51,6 @@
# Create and use netlink kobject uevent sockets.
allow surfaceflinger self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
-# Get properties.
-get_prop(surfaceflinger, surfaceflinger_prop)
-neverallow { domain -coredomain -vendor_init } surfaceflinger_prop:file no_rw_file_perms;
-
# Set properties.
set_prop(surfaceflinger, system_prop)
set_prop(surfaceflinger, exported_system_prop)
diff --git a/private/system_server.te b/private/system_server.te
index 6c1fa9a..4fc507f 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -620,6 +620,7 @@
set_prop(system_server, exported_pm_prop)
set_prop(system_server, socket_hook_prop)
set_prop(system_server, audio_prop)
+set_prop(system_server, boot_status_prop)
userdebug_or_eng(`set_prop(system_server, wifi_log_prop)')
# ctl interface
@@ -1163,3 +1164,5 @@
# Do not allow any domain other than init or system server to set the property
neverallow { domain -init -system_server } socket_hook_prop:property_service set;
+
+neverallow { domain -init -system_server } boot_status_prop:property_service set;
diff --git a/public/domain.te b/public/domain.te
index e6c6834..8e6e150 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -105,6 +105,7 @@
get_prop(domain, exported2_default_prop)
get_prop(domain, logd_prop)
get_prop(domain, socket_hook_prop)
+get_prop(domain, surfaceflinger_prop)
get_prop(domain, vendor_socket_hook_prop)
get_prop(domain, vndk_prop)
get_prop(domain, vold_status_prop)
diff --git a/public/property.te b/public/property.te
index 9056c86..96866b3 100644
--- a/public/property.te
+++ b/public/property.te
@@ -54,11 +54,10 @@
')
# Properties which can't be written outside system
-
-# Properties used by binder caches
system_restricted_prop(binder_cache_bluetooth_server_prop)
system_restricted_prop(binder_cache_system_server_prop)
system_restricted_prop(binder_cache_telephony_server_prop)
+system_restricted_prop(boot_status_prop)
system_restricted_prop(bq_config_prop)
system_restricted_prop(module_sdkextensions_prop)
system_restricted_prop(nnapi_ext_deny_product_prop)
diff --git a/public/shell.te b/public/shell.te
index 712307f..822f4ca 100644
--- a/public/shell.te
+++ b/public/shell.te
@@ -91,7 +91,7 @@
hwbinder_use(shell)
allow shell hwservicemanager:hwservice_manager list;
-# allow shell to look through /proc/ for lsmod, ps, top, netstat.
+# allow shell to look through /proc/ for lsmod, ps, top, netstat, vmstat.
r_dir_file(shell, proc_net_type)
allow shell {
@@ -107,6 +107,7 @@
proc_timer
proc_uptime
proc_version
+ proc_vmstat
proc_zoneinfo
}:file r_file_perms;
diff --git a/public/vendor_init.te b/public/vendor_init.te
index dd74005..d661d81 100644
--- a/public/vendor_init.te
+++ b/public/vendor_init.te
@@ -238,6 +238,7 @@
set_prop(vendor_init, virtual_ab_prop)
set_prop(vendor_init, wifi_log_prop)
+get_prop(vendor_init, boot_status_prop)
get_prop(vendor_init, exported2_radio_prop)
get_prop(vendor_init, exported3_system_prop)
get_prop(vendor_init, theme_prop)