Merge "Add SELinux policy for storage areas" into main
diff --git a/private/property_contexts b/private/property_contexts
index f270802..8ade1b7 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -757,6 +757,7 @@
ro.lmk.kill_timeout_ms u:object_r:lmkd_config_prop:s0 exact int
ro.lmk.log_stats u:object_r:lmkd_config_prop:s0 exact bool
ro.lmk.low u:object_r:lmkd_config_prop:s0 exact int
+ro.lmk.lowmem_min_oom_score u:object_r:lmkd_config_prop:s0 exact int
ro.lmk.medium u:object_r:lmkd_config_prop:s0 exact int
ro.lmk.pressure_after_kill_min_score u:object_r:lmkd_config_prop:s0 exact int
ro.lmk.psi_partial_stall_ms u:object_r:lmkd_config_prop:s0 exact int
diff --git a/private/seapp_contexts b/private/seapp_contexts
index 8884a7a..a07d272 100644
--- a/private/seapp_contexts
+++ b/private/seapp_contexts
@@ -225,3 +225,4 @@
user=_app minTargetSdkVersion=28 fromRunAs=true domain=runas_app levelFrom=all
user=_app fromRunAs=true domain=runas_app levelFrom=user
user=_app isPrivApp=true name=com.android.virtualization.vmlauncher domain=vmlauncher_app type=privapp_data_file levelFrom=all
+user=_app isPrivApp=true name=com.google.android.virtualization.vmlauncher domain=vmlauncher_app type=privapp_data_file levelFrom=all
diff --git a/private/shell.te b/private/shell.te
index 8adc71c..ed99b53 100644
--- a/private/shell.te
+++ b/private/shell.te
@@ -426,6 +426,9 @@
allow shell sysfs_batteryinfo:dir r_dir_perms;
allow shell sysfs_batteryinfo:file r_file_perms;
+# Allow reads (but not writes) of the MGLRU state
+allow shell sysfs_lru_gen_enabled:file r_file_perms;
+
# Allow access to ion memory allocation device.
allow shell ion_device:chr_file rw_file_perms;