sepolicy: allow system_server to write to cgroup_v2
During boot, system_server will need to write to files under
/sys/fs/cgroup/freezer. Change the cgroup_v2 policy to allow this
operation.
Test: booted device with change, verified that files are properly
accessed.
Bug: 154548692
Change-Id: I2ccc112c8870129cb1b8312023b54268312efcca
diff --git a/private/system_server.te b/private/system_server.te
index 0067aa7..e172fd9 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -930,7 +930,7 @@
r_dir_file(system_server, cgroup)
allow system_server ion_device:chr_file r_file_perms;
-allow system_server cgroup_v2:dir r_dir_perms;
+allow system_server cgroup_v2:dir rw_dir_perms;
allow system_server cgroup_v2:file rw_file_perms;
r_dir_file(system_server, proc_asound)