From 4081fd39934580e52f3679b44117997144a2cf5d Mon Sep 17 00:00:00 2001
From: Tri Vo <trong@google.com>
Date: Tue, 28 Nov 2017 08:42:40 -0800
Subject: [PATCH] Label /proc/sys/kernel/pid_max as proc_pid_max.

And give shell domain read access to /proc/sys/kernel/pic_max.

Bug: 69569397
Test: adb shell /data/nativetest/bionic-unit-tests/bionic-unit-tests
--gtest_filter=pthread.pthread_mutex_owner_tid_limit
Change-Id: Ib56c18ed553ad2c2113e6913788a4c00965483cc
---
 private/compat/26.0/26.0.cil | 1 +
 private/genfs_contexts       | 1 +
 public/file.te               | 1 +
 public/shell.te              | 1 +
 4 files changed, 4 insertions(+)

diff --git a/private/compat/26.0/26.0.cil b/private/compat/26.0/26.0.cil
index e58fa4ed8..12e5c981b 100644
--- a/private/compat/26.0/26.0.cil
+++ b/private/compat/26.0/26.0.cil
@@ -467,6 +467,7 @@
     proc_page_cluster
     proc_pagetypeinfo
     proc_panic
+    proc_pid_max
     proc_pipe_conf
     proc_random
     proc_sched
diff --git a/private/genfs_contexts b/private/genfs_contexts
index 4f3a96ca6..09da56d41 100644
--- a/private/genfs_contexts
+++ b/private/genfs_contexts
@@ -42,6 +42,7 @@ genfscon proc /sys/kernel/overflowuid u:object_r:proc_overflowuid:s0
 genfscon proc /sys/kernel/panic_on_oops u:object_r:proc_panic:s0
 genfscon proc /sys/kernel/perf_event_max_sample_rate u:object_r:proc_perf:s0
 genfscon proc /sys/kernel/perf_event_paranoid u:object_r:proc_perf:s0
+genfscon proc /sys/kernel/pid_max u:object_r:proc_pid_max:s0
 genfscon proc /sys/kernel/poweroff_cmd u:object_r:usermodehelper:s0
 genfscon proc /sys/kernel/random u:object_r:proc_random:s0
 genfscon proc /sys/kernel/randomize_va_space u:object_r:proc_security:s0
diff --git a/public/file.te b/public/file.te
index 29bf9be3e..6c11b81e2 100644
--- a/public/file.te
+++ b/public/file.te
@@ -38,6 +38,7 @@ type proc_page_cluster, fs_type;
 type proc_pagetypeinfo, fs_type;
 type proc_panic, fs_type;
 type proc_perf, fs_type;
+type proc_pid_max, fs_type;
 type proc_pipe_conf, fs_type;
 type proc_random, fs_type;
 type proc_sched, fs_type;
diff --git a/public/shell.te b/public/shell.te
index cac84d42b..1318c35f4 100644
--- a/public/shell.te
+++ b/public/shell.te
@@ -115,6 +115,7 @@ allow shell {
   proc_interrupts
   proc_meminfo
   proc_modules
+  proc_pid_max
   proc_stat
   proc_timer
   proc_uptime
-- 
GitLab