From 11c79b20d7c7b4577204c0e21dcf41b7a328439c Mon Sep 17 00:00:00 2001
From: Jeff Vander Stoep <jeffv@google.com>
Date: Wed, 22 Jun 2016 22:26:28 -0700
Subject: [PATCH] lmkd: grant read access to all of /sys

avc: denied { search } for pid=394 comm="lmkd" name="lowmemorykiller" dev="sysfs" ino=7541 scontext=u:r:lmkd:s0 tcontext=u:object_r:sysfs_lowmemorykiller:s0 tclass=dir permissive=0

(Cherry picked from commit 30a3ee4ce95e4638160b8aefe350b70a3e0e4d25)

Bug: 29558514
Change-Id: Iaae907a92976af2a9dcb58be5643b8614dcde174
---
 lmkd.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lmkd.te b/lmkd.te
index 7920aee28..570cbcab2 100644
--- a/lmkd.te
+++ b/lmkd.te
@@ -22,6 +22,7 @@ r_dir_file(lmkd, system_server)
 allow lmkd system_server:file write;
 
 ## Writes to /sys/module/lowmemorykiller/parameters/minfree
+r_dir_file(lmkd, sysfs_type)
 allow lmkd sysfs_lowmemorykiller:file w_file_perms;
 
 # Send kill signals
-- 
GitLab