sepolicy: rules for uid/pid cgroups v2 hierarchy Bug: 168907513 Test: verified the correct working of the v2 uid/pid hierarchy in normal and recovery modes This reverts commit aa8bb3a29b92a342c42c802edac269da5984d1df. Change-Id: Ib344d500ea49b86e862e223ab58a16601eebef47

commit: aa4ce95c6f601c5fa901a12d9f366440bf56c7e2 [log] [tgz]
author: Marco Ballesio <balejs@google.com> Thu Feb 11 15:18:11 2021 -0800
committer: Marco Ballesio <balejs@google.com> Thu Feb 11 23:40:38 2021 +0000
tree: 207658ec84cfd29a88b35b9f82215797beee7f65
parent: e8d2732651edfaf9f32df039216cbf54f247e9ec [diff] [blame]
diff --git a/public/hal_cas.te b/public/hal_cas.te
index 7de6a13..e699a6b 100644
--- a/public/hal_cas.te
+++ b/public/hal_cas.te

@@ -16,6 +16,10 @@
 allow hal_cas cgroup:dir { search write };
 allow hal_cas cgroup:file w_file_perms;
 
+r_dir_file(hal_cas, cgroup_v2)
+allow hal_cas cgroup_v2:dir { search write };
+allow hal_cas cgroup_v2:file w_file_perms;
+
 # Allow access to ion memory allocation device
 allow hal_cas ion_device:chr_file rw_file_perms;
 allow hal_cas hal_graphics_allocator:fd use;
commit	aa4ce95c6f601c5fa901a12d9f366440bf56c7e2	[log] [tgz]
author	Marco Ballesio <balejs@google.com>	Thu Feb 11 15:18:11 2021 -0800
committer	Marco Ballesio <balejs@google.com>	Thu Feb 11 23:40:38 2021 +0000
tree	207658ec84cfd29a88b35b9f82215797beee7f65
parent	e8d2732651edfaf9f32df039216cbf54f247e9ec [diff] [blame]