Skip to content
Snippets Groups Projects
Commit 769b96f2 authored by Jeff Sharkey's avatar Jeff Sharkey
Browse files

Allow vold to change priority when benchmarking. 

avc: denied { sys_nice } for capability=23 scontext=u:r:vold:s0 tcontext=u:r:vold:s0 tclass=capability permissive=0

Bug: 21711477
Change-Id: I78e7a6667e06a4b1a2b0c4d26ddae4797231e553
parent d245789c
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 3 additions and 0 deletions
vold.te
+ 3
0
View file @ 769b96f2
...@@ -156,6 +156,9 @@ allow vold vold_data_file:file create_file_perms; ...@@ -156,6 +156,9 @@ allow vold vold_data_file:file create_file_perms;
allow vold init:key { write search setattr }; allow vold init:key { write search setattr };
allow vold vold:key { write search setattr }; allow vold vold:key { write search setattr };
# vold temporarily changes its priority when running benchmarks
allow vold self:capability sys_nice;
neverallow { domain -vold } vold_data_file:dir ~{ open create read getattr setattr search relabelto ioctl }; neverallow { domain -vold } vold_data_file:dir ~{ open create read getattr setattr search relabelto ioctl };
neverallow { domain -vold } vold_data_file:notdevfile_class_set ~{ relabelto getattr }; neverallow { domain -vold } vold_data_file:notdevfile_class_set ~{ relabelto getattr };
neverallow { domain -vold -init } vold_data_file:dir *; neverallow { domain -vold -init } vold_data_file:dir *;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment