From 769b96f2e361fa9a27895be6a7bcad5a2a4811f4 Mon Sep 17 00:00:00 2001
From: Jeff Sharkey <jsharkey@android.com>
Date: Thu, 11 Jun 2015 13:00:30 -0700
Subject: [PATCH] Allow vold to change priority when benchmarking.

avc: denied { sys_nice } for capability=23 scontext=u:r:vold:s0 tcontext=u:r:vold:s0 tclass=capability permissive=0

Bug: 21711477
Change-Id: I78e7a6667e06a4b1a2b0c4d26ddae4797231e553
---
 vold.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/vold.te b/vold.te
index af050c880..35134106d 100644
--- a/vold.te
+++ b/vold.te
@@ -156,6 +156,9 @@ allow vold vold_data_file:file create_file_perms;
 allow vold init:key { write search setattr };
 allow vold vold:key { write search setattr };
 
+# vold temporarily changes its priority when running benchmarks
+allow vold self:capability sys_nice;
+
 neverallow { domain -vold } vold_data_file:dir ~{ open create read getattr setattr search relabelto ioctl };
 neverallow { domain -vold } vold_data_file:notdevfile_class_set ~{ relabelto getattr };
 neverallow { domain -vold -init } vold_data_file:dir *;
-- 
GitLab