commit | f4337cbd53d4917c5d76486e2a313d81ecb15e4b | [log] [tgz] |
---|---|---|
author | Seungjae Yoo <seungjaeyoo@google.com> | Tue Nov 15 03:05:22 2022 +0000 |
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | Tue Nov 15 03:05:22 2022 +0000 |
tree | ea8a1c420252045963f9ef511169548164c6a71d | |
parent | d550c7ce441d64496e243f915f02ade762f97543 [diff] | |
parent | 3d9b334391e47cc781180240991e312939dfb124 [diff] |
Merge "Allow reading proc file in crosvm process for reading cpu/mem stat in VM" am: b43e1b1c19 am: 3d9b334391 Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/2300539 Change-Id: Id7f2212487ae352746226c6342c4f2b96abefbfb Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/private/virtualizationservice.te b/private/virtualizationservice.te index f41e7cc..46871b7 100644 --- a/private/virtualizationservice.te +++ b/private/virtualizationservice.te
@@ -84,6 +84,9 @@ allow virtualizationservice tombstone_data_file:file { append getattr }; allow virtualizationservice tombstoned:fd use; +# Allow reading files under /proc/[crosvm pid]/, for collecting CPU & memory usage inside VM. +r_dir_file(virtualizationservice, crosvm); + neverallow { domain -init