resolve merge conflicts of 8350a7f1 to master.

Change-Id: I80109bb0167f06a8d39d8b036b3c487ec2f06124

resolve merge conflicts of 8350a7f1 to master.
05e68e12 · dcashman · 9aa378ec · 8350a7f1 · 05e68e12 · 05e68e12
Commit 05e68e12 authored 9 years ago by dcashman
--- a/file.te
+++ b/file.te
@@ -30,6 +30,8 @@ type sysfs_mac_address, fs_type, sysfs_type;
 type sysfs_devices_system_cpu, fs_type, sysfs_type;
 # /sys/module/lowmemorykiller
 type sysfs_lowmemorykiller, fs_type, sysfs_type;
+type sysfs_zram, fs_type, sysfs_type;
+type sysfs_zram_uevent, fs_type, sysfs_type;
 type inotify, fs_type, mlstrustedobject;
 type devpts, fs_type, mlstrustedobject;
 type tmpfs, fs_type;

--- a/file_contexts
+++ b/file_contexts
@@ -324,6 +324,8 @@
 #
 /sys/devices/platform/nfc-power/nfc_power -- u:object_r:sysfs_nfc_power_writable:s0
 /sys/devices/system/cpu(/.*)?    u:object_r:sysfs_devices_system_cpu:s0
+/sys/devices/virtual/block/zram\d+(/.*)?     u:object_r:sysfs_zram:s0
+/sys/devices/virtual/block/zram\d+/uevent    u:object_r:sysfs_zram_uevent:s0
 /sys/power/wake_lock -- u:object_r:sysfs_wake_lock:s0
 /sys/power/wake_unlock -- u:object_r:sysfs_wake_lock:s0
 /sys/kernel/uevent_helper --	u:object_r:usermodehelper:s0

--- a/init.te
+++ b/init.te
@@ -157,6 +157,9 @@ allow init self:capability sys_boot;
 allow init sysfs_type:dir r_dir_perms;
 allow init sysfs_type:file w_file_perms;

+# disksize
+allow init sysfs_zram:file getattr;
+
 # Transitions to seclabel processes in init.rc
 domain_trans(init, rootfs, adbd)
 domain_trans(init, rootfs, healthd)

--- a/priv_app.te
+++ b/priv_app.te
@@ -70,6 +70,10 @@ allow priv_app exec_type:file getattr;
 allow priv_app vold:fd use;
 allow priv_app fuse_device:chr_file { read write };

+# /sys access
+allow priv_app sysfs_zram:dir search;
+allow priv_app sysfs_zram:file r_file_perms;
+
 ###
 ### neverallow rules
 ###

--- a/system_app.te
+++ b/system_app.te
@@ -73,4 +73,8 @@ allow system_app keystore:keystore_key {
 	user_changed
 };

+# /sys access
+allow system_app sysfs_zram:dir search;
+allow system_app sysfs_zram:file r_file_perms;
+
 control_logd(system_app)
--- a/system_server.te
+++ b/system_server.te
@@ -374,6 +374,10 @@ allow system_server sysfs_lowmemorykiller:file { getattr w_file_perms };
 allow system_server pstorefs:dir r_dir_perms;
 allow system_server pstorefs:file r_file_perms;

+# /sys access
+allow system_server sysfs_zram:dir search;
+allow system_server sysfs_zram:file r_file_perms;
+
 allow system_server audioserver_service:service_manager find;
 allow system_server drmserver_service:service_manager find;
 allow system_server healthd_service:service_manager find;

--- a/ueventd.te
+++ b/ueventd.te
@@ -14,6 +14,7 @@ allow ueventd self:capability { chown mknod net_admin setgid fsetid sys_rawio da
 allow ueventd device:file create_file_perms;
 allow ueventd device:chr_file rw_file_perms;
 allow ueventd sysfs:file rw_file_perms;
+allow ueventd sysfs_zram_uevent:file w_file_perms;
 allow ueventd sysfs_type:{ file lnk_file } { relabelfrom relabelto setattr getattr };
 allow ueventd sysfs_type:dir { relabelfrom relabelto setattr r_dir_perms };
 allow ueventd sysfs_devices_system_cpu:file rw_file_perms;

--- a/vold.te
+++ b/vold.te
@@ -167,6 +167,10 @@ allow vold storage_file:dir mounton;
 # For AppFuse.
 allow vold fuse_device:chr_file rw_file_perms;

+# coldboot of /sys/block
+allow vold sysfs_zram:dir r_dir_perms;
+allow vold sysfs_zram_uevent:file rw_file_perms;
+
 neverallow { domain -vold } vold_data_file:dir ~{ open create read getattr setattr search relabelto ioctl };
 neverallow { domain -vold } vold_data_file:notdevfile_class_set ~{ relabelto getattr };
 neverallow { domain -vold -init } vold_data_file:dir *;