Add sepolicy for Multi-Gen LRU sysfs control
init is allowed to enable/disable MG-LRU.
Bug: 227651406
Bug: 228525049
Test: setprop persist.device_config.mglru_native.lru_gen_config
Test: verify no avc denials in logcat
Change-Id: I20223f3628cb6909c3fd2eb2b821ff2d52202dd2
diff --git a/private/compat/32.0/32.0.ignore.cil b/private/compat/32.0/32.0.ignore.cil
index 3547ebb..9b09c13 100644
--- a/private/compat/32.0/32.0.ignore.cil
+++ b/private/compat/32.0/32.0.ignore.cil
@@ -62,6 +62,7 @@
smart_idle_maint_enabled_prop
snapuserd_proxy_socket
sysfs_fs_fuse_bpf
+ sysfs_lru_gen_enabled
system_dlkm_file
tare_service
tv_iapp_service
diff --git a/private/genfs_contexts b/private/genfs_contexts
index ca64733..2f1f84d 100644
--- a/private/genfs_contexts
+++ b/private/genfs_contexts
@@ -162,6 +162,7 @@
genfscon sysfs /kernel/ion u:object_r:sysfs_ion:s0
genfscon sysfs /kernel/ipv4 u:object_r:sysfs_ipv4:s0
genfscon sysfs /kernel/mm/transparent_hugepage u:object_r:sysfs_transparent_hugepage:s0
+genfscon sysfs /kernel/mm/lru_gen/enabled u:object_r:sysfs_lru_gen_enabled:s0
genfscon sysfs /kernel/notes u:object_r:sysfs_kernel_notes:s0
genfscon sysfs /kernel/uevent_helper u:object_r:sysfs_usermodehelper:s0
genfscon sysfs /kernel/wakeup_reasons u:object_r:sysfs_wakeup_reasons:s0
diff --git a/public/file.te b/public/file.te
index 3c8fcc7..1acc78b 100644
--- a/public/file.te
+++ b/public/file.te
@@ -115,6 +115,7 @@
type sysfs_suspend_stats, fs_type, sysfs_type;
type sysfs_switch, fs_type, sysfs_type;
type sysfs_transparent_hugepage, fs_type, sysfs_type;
+type sysfs_lru_gen_enabled, fs_type, sysfs_type;
type sysfs_usb, fs_type, sysfs_type;
type sysfs_wakeup, fs_type, sysfs_type;
type sysfs_wakeup_reasons, fs_type, sysfs_type;
diff --git a/public/init.te b/public/init.te
index 5139038..e2010f3 100644
--- a/public/init.te
+++ b/public/init.te
@@ -423,6 +423,7 @@
sysfs_power
sysfs_fs_f2fs
sysfs_dm
+ sysfs_lru_gen_enabled
}:file w_file_perms;
allow init {