Gitiles
Code Review Sign In
review.blissroms.org / platform_device_qcom_sepolicy-legacy / 8849370f3fad727ce7912e08df916430c5fd64b6
commit8849370f3fad727ce7912e08df916430c5fd64b6[log] [tgz]
authorArchana Sriram <apsrir@codeaurora.org>Wed Dec 06 17:16:58 2017 +0530
committerGerrit - the friendly Code Review server <code-review@localhost>Wed Jan 03 01:21:30 2018 -0800
treec4b9c04c066cf311d0e0e67823413e80c2271ac6
parentb9a19dd9165c7a4d961c75bca39b9720ae583cf2 [diff]
sepolicy: Addressing memtrack access to GL mem info

Added new secontext kgsl_debugfs for /sys/kernel/debug/kgsl/proc/.
Granted access to memtrack and system_server domain to read on
this node. Domain denials other than surfaceflinger are suppressed.

Fixes these avc denials seen in user build:
memtrack@1.0-se: type=1400 audit(0.0:46): avc: denied { read }
for uid=1000 name="mem" dev="debugfs" ino=656
scontext=u:r:hal_memtrack_default:s0
tcontext=u:object_r:qti_debugfs:s0 tclass=file permissive=0

GL and EGL memory are now accounted properly when
"dumpsys meminfo -a <pid>" is executed in user build.

CRs-Fixed: 2142195
Change-Id: I6331e6faf68502d5048a7b3da130540a234eb9b4
5 files changed
tree: c4b9c04c066cf311d0e0e67823413e80c2271ac6
  1. apq8084/
  2. apq8098_latv/
  3. common/
  4. msm8226/
  5. msm8909/
  6. msm8916/
  7. msm8937/
  8. msm8952/
  9. msm8953/
  10. msm8960/
  11. msm8974/
  12. msm8976/
  13. msm8992/
  14. msm8994/
  15. msm8996/
  16. msm8998/
  17. msmnile/
  18. msmpeafowl/
  19. msmskunk/
  20. private/
  21. public/
  22. qcs605/
  23. sdm660/
  24. sdm670/
  25. sdm845/
  26. ssg/
  27. test/
  28. Android.mk