Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / cf391269acd6ff71fe254d2f62d9c82571dd24bf^! / .
commitcf391269acd6ff71fe254d2f62d9c82571dd24bf[log] [tgz]
authorJoel Galenson <jgalenson@google.com>Tue Jan 23 17:32:16 2018 -0800
committerJoel Galenson <jgalenson@google.com>Tue Jan 23 17:32:16 2018 -0800
tree24bad236dea6fbf014be4a1d5c2b213778ead323
parent869a4c2e196f663b5efb8443e9a08c398cd53f59 [diff]
Fix init error trying to access file.

Init tries to write /proc/sys/vm/min_free_order_shift but fails due to
a SELinux denial.  This gives the file a new label and gives init the
ability to write it.

Test: Build and booted Sailfish (a couple of days ago).
Change-Id: Ic93862b85c468afccff2019d84b927af9ed2a84d

diff --git a/private/compat/26.0/26.0.cil b/private/compat/26.0/26.0.cil
index 9d173be..184d18d 100644
--- a/private/compat/26.0/26.0.cil
+++ b/private/compat/26.0/26.0.cil

@@ -466,6 +466,7 @@
     proc_kmsg
     proc_loadavg
     proc_max_map_count
+    proc_min_free_order_shift
     proc_mounts
     proc_page_cluster
     proc_pagetypeinfo

diff --git a/private/genfs_contexts b/private/genfs_contexts
index 76f5bdd..2acaf9f 100644
--- a/private/genfs_contexts
+++ b/private/genfs_contexts

@@ -66,6 +66,7 @@
 genfscon proc /sys/vm/page-cluster u:object_r:proc_page_cluster:s0
 genfscon proc /sys/vm/drop_caches u:object_r:proc_drop_caches:s0
 genfscon proc /sys/vm/overcommit_memory u:object_r:proc_overcommit_memory:s0
+genfscon proc /sys/vm/min_free_order_shift u:object_r:proc_min_free_order_shift:s0
 genfscon proc /timer_list u:object_r:proc_timer:s0
 genfscon proc /timer_stats u:object_r:proc_timer:s0
 genfscon proc /tty/drivers u:object_r:proc_tty_drivers:s0

diff --git a/public/file.te b/public/file.te
index c6b2a79..fc55412 100644
--- a/public/file.te
+++ b/public/file.te

@@ -8,6 +8,7 @@
 type proc_security, fs_type;
 type proc_drop_caches, fs_type;
 type proc_overcommit_memory, fs_type;
+type proc_min_free_order_shift, fs_type;
 # proc, sysfs, or other nodes that permit configuration of kernel usermodehelpers.
 type usermodehelper, fs_type;
 type sysfs_usermodehelper, fs_type, sysfs_type;

diff --git a/public/init.te b/public/init.te
index ddbe323..c3e36ea 100644
--- a/public/init.te
+++ b/public/init.te

@@ -287,6 +287,7 @@
   proc_extra_free_kbytes
   proc_net
   proc_max_map_count
+  proc_min_free_order_shift
   proc_overcommit_memory
   proc_panic
   proc_page_cluster