Allow system server to access zram sysfs
This patch allows
- System server needs write access to zram sysfs
directory to be able to trigger writeback to disk.
- init should be able to change attrs on zram to make
them writeable by system_server.
- Vendor init scripts should be able to set zram properties.
Bug: 117682284
Bug: 122674343
Test: Test writeback on go ref device
Change-Id: I308e48210f34894204992043eced5f276d736baf
diff --git a/private/system_server.te b/private/system_server.te
index 67d7cb5..bda0d92 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -661,7 +661,7 @@
# /sys access
allow system_server sysfs_zram:dir search;
-allow system_server sysfs_zram:file r_file_perms;
+allow system_server sysfs_zram:file rw_file_perms;
add_service(system_server, system_server_service);
allow system_server audioserver_service:service_manager find;
diff --git a/public/init.te b/public/init.te
index 10a0c68..53b0aea 100644
--- a/public/init.te
+++ b/public/init.te
@@ -375,6 +375,7 @@
sysfs_power
sysfs_vibrator
sysfs_wake_lock
+ sysfs_zram
}:file setattr;
# Set usermodehelpers.
diff --git a/public/property_contexts b/public/property_contexts
index c27ba75..2c7a8c3 100644
--- a/public/property_contexts
+++ b/public/property_contexts
@@ -138,6 +138,9 @@
ro.url.legal u:object_r:exported3_default_prop:s0 exact string
ro.url.legal.android_privacy u:object_r:exported3_default_prop:s0 exact string
ro.vendor.build.security_patch u:object_r:vendor_security_patch_level_prop:s0 exact string
+ro.zram.mark_idle_delay_mins u:object_r:exported3_default_prop:s0 exact int
+ro.zram.first_wb_delay_mins u:object_r:exported3_default_prop:s0 exact int
+ro.zram.periodic_wb_delay_hours u:object_r:exported3_default_prop:s0 exact int
ro.zygote u:object_r:exported3_default_prop:s0 exact string
sendbug.preferred.domain u:object_r:exported3_default_prop:s0 exact string
sys.usb.controller u:object_r:exported2_system_prop:s0 exact string