Restrict access to uid_concurrent_*_time Do not let apps read uid_concurrent_active_time and uid_concurrent_policy_time. b/68399339 Test: Check that they can't be read from the shell without root permissions and system_server was able to read them Change-Id: I6f09ef608607cb9f4084ba403a1e7254b8c49a06

commit: 80ee23f74a6107c9a5e7cf4144a72d4befe950d1 [log] [tgz]
author: Marissa Wall <marissaw@google.com> Fri Nov 10 14:10:19 2017 -0800
committer: Jeffrey Vander Stoep <jeffv@google.com> Tue Dec 12 19:19:04 2017 +0000
tree: 5670a83c1ea9749e3609c395acd2f6786bc20529
parent: e9ae77355eedc212a784f47c5f57889759f0dc02 [diff] [blame]
diff --git a/private/system_server.te b/private/system_server.te
index 2102391..7b0aad1 100644
--- a/private/system_server.te
+++ b/private/system_server.te

@@ -694,6 +694,8 @@
   proc_stat
   proc_uid_cputime_showstat
   proc_uid_time_in_state
+  proc_uid_concurrent_active_time
+  proc_uid_concurrent_policy_time
   proc_version
   proc_vmallocinfo
 }:file r_file_perms;
commit	80ee23f74a6107c9a5e7cf4144a72d4befe950d1	[log] [tgz]
author	Marissa Wall <marissaw@google.com>	Fri Nov 10 14:10:19 2017 -0800
committer	Jeffrey Vander Stoep <jeffv@google.com>	Tue Dec 12 19:19:04 2017 +0000
tree	5670a83c1ea9749e3609c395acd2f6786bc20529
parent	e9ae77355eedc212a784f47c5f57889759f0dc02 [diff] [blame]