sepolicy: rules for uid/pid cgroups v2 hierarchy Bug: 168907513 Test: verified the correct working of the v2 uid/pid hierarchy in normal and recovery modes This reverts commit aa8bb3a29b92a342c42c802edac269da5984d1df. Change-Id: Ib344d500ea49b86e862e223ab58a16601eebef47

commit: aa4ce95c6f601c5fa901a12d9f366440bf56c7e2 [log] [tgz]
author: Marco Ballesio <balejs@google.com> Thu Feb 11 15:18:11 2021 -0800
committer: Marco Ballesio <balejs@google.com> Thu Feb 11 23:40:38 2021 +0000
tree: 207658ec84cfd29a88b35b9f82215797beee7f65
parent: e8d2732651edfaf9f32df039216cbf54f247e9ec [diff] [blame]
diff --git a/public/hal_drm.te b/public/hal_drm.te
index 5987491..bb1bd91 100644
--- a/public/hal_drm.te
+++ b/public/hal_drm.te

@@ -20,6 +20,10 @@
 allow hal_drm cgroup:dir { search write };
 allow hal_drm cgroup:file w_file_perms;
 
+r_dir_file(hal_drm, cgroup_v2)
+allow hal_drm cgroup_v2:dir { search write };
+allow hal_drm cgroup_v2:file w_file_perms;
+
 # Allow access to ion memory allocation device
 allow hal_drm ion_device:chr_file rw_file_perms;
 allow hal_drm hal_graphics_allocator:fd use;
commit	aa4ce95c6f601c5fa901a12d9f366440bf56c7e2	[log] [tgz]
author	Marco Ballesio <balejs@google.com>	Thu Feb 11 15:18:11 2021 -0800
committer	Marco Ballesio <balejs@google.com>	Thu Feb 11 23:40:38 2021 +0000
tree	207658ec84cfd29a88b35b9f82215797beee7f65
parent	e8d2732651edfaf9f32df039216cbf54f247e9ec [diff] [blame]