allow system_server to access files under /sys/kernel/ion/
In order for system_server to report ION allocations in dumpsys meminfo
report it needs access to ION sysfs nodes.
Bug: 138148041
Test: dumpsys meminfo
Change-Id: I8b1efebe8f4b06a3975e96ddd6a8cbcacdb52fb2
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
diff --git a/private/compat/29.0/29.0.cil b/private/compat/29.0/29.0.cil
index 5eddc4e..c62edd5 100644
--- a/private/compat/29.0/29.0.cil
+++ b/private/compat/29.0/29.0.cil
@@ -1744,6 +1744,7 @@
(typeattributeset swap_block_device_29_0 (swap_block_device))
(typeattributeset sysfs_29_0
( sysfs
+ sysfs_ion
sysfs_suspend_stats
sysfs_wakeup))
(typeattributeset sysfs_android_usb_29_0 (sysfs_android_usb))
diff --git a/private/genfs_contexts b/private/genfs_contexts
index 855f2d6..e33031a 100644
--- a/private/genfs_contexts
+++ b/private/genfs_contexts
@@ -139,6 +139,7 @@
genfscon sysfs /power/wake_lock u:object_r:sysfs_wake_lock:s0
genfscon sysfs /power/wake_unlock u:object_r:sysfs_wake_lock:s0
genfscon sysfs /kernel/memory_state_time u:object_r:sysfs_power:s0
+genfscon sysfs /kernel/ion u:object_r:sysfs_ion:s0
genfscon sysfs /kernel/ipv4 u:object_r:sysfs_ipv4:s0
genfscon sysfs /kernel/mm/transparent_hugepage u:object_r:sysfs_transparent_hugepage:s0
genfscon sysfs /kernel/notes u:object_r:sysfs_kernel_notes:s0
diff --git a/private/system_server.te b/private/system_server.te
index 5bd4d9d..c9ed298 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -157,6 +157,9 @@
# Read /sys/kernel/debug/wakeup_sources.
allow system_server debugfs_wakeup_sources:file r_file_perms;
+# Read /sys/kernel/ion/*.
+allow system_server sysfs_ion:file r_file_perms;
+
# The DhcpClient and WifiWatchdog use packet_sockets
allow system_server self:packet_socket create_socket_perms_no_ioctl;