blob: dcd173d6549ddc73479fbd6e942baedec8f751c9 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
# vold goes through /proc and opens each dir as O_RDONLY
# to gather information about all PIDS.
# It does not need access to /proc/irq which is labeled as
# proc_irq on bullhead
# See system/vold commit 66270a21df1058434e4d63691221f11ff5387a0f
dontaudit vold proc_irq:dir { read open };
get_prop(vold, qseecomtee_prop)
# Allow vold to access zram
allow vold swap_block_device:blk_file getattr;
# read sys.listeners. sys.keymaster. properties
get_prop(vold, qseecomtee_prop)
|
