From cce24cd712c8b7b2419acd8595e1807015e08399 Mon Sep 17 00:00:00 2001
From: "Kevin F. Haggerty" <haggertk@lineageos.org>
Date: Sat, 15 Oct 2022 15:59:27 +0300
Subject: [PATCH] rosemary: sepolicy: Allow system_app to access zram sysfs
 nodes

avc: denied { search } for name="zram0" dev="sysfs" ino=20744
scontext=u:r:system_app:s0 tcontext=u:object_r:sysfs_zram:s0 tclass=dir
permissive=0

avc: denied { open } for name="mem_used_total" dev="sysfs" ino=20804
scontext=u:r:system_app:s0 tcontext=u:object_r:sysfs_zram:s0 tclass=file
permissive=0

avc: denied { read } for name="mem_used_total" dev="sysfs" ino=20804
scontext=u:r:system_app:s0 tcontext=u:object_r:sysfs_zram:s0 tclass=file
permissive=0

Change-Id: Ide9b1a9488b26fa69e7a2c8e73a8e657c8b28beb
---
 sepolicy/vendor/system_app.te | 2 ++
 1 file changed, 2 insertions(+)
 create mode 100644 sepolicy/vendor/system_app.te

diff --git a/sepolicy/vendor/system_app.te b/sepolicy/vendor/system_app.te
new file mode 100644
index 0000000..cb648ba
--- /dev/null
+++ b/sepolicy/vendor/system_app.te
@@ -0,0 +1,2 @@
+allow system_app sysfs_zram:dir search;
+allow system_app sysfs_zram:file r_file_perms;