From 5af7c660cf69e2e4490449522408d5d49f5aa98d Mon Sep 17 00:00:00 2001
From: Robert Sesek <rsesek@google.com>
Date: Fri, 2 Dec 2016 18:09:23 -0500
Subject: [PATCH] Allow webview_zygote to stat
 /sys/kernel/debug/tracing/trace_marker.

Test: m
Test: angler boots

Bug: 21643067
Change-Id: I7530120385766506405a318caac8ef143e71cce7
---
 public/webview_zygote.te | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/public/webview_zygote.te b/public/webview_zygote.te
index cc7cd0bed..0bed08301 100644
--- a/public/webview_zygote.te
+++ b/public/webview_zygote.te
@@ -25,6 +25,11 @@ allow webview_zygote dalvikcache_data_file:dir r_dir_perms;
 allow webview_zygote dalvikcache_data_file:lnk_file r_file_perms;
 allow webview_zygote dalvikcache_data_file:file { r_file_perms execute };
 
+# Allow webview_zygote to stat the files that it opens. It must
+# be able to inspect them so that it can reopen them on fork
+# if necessary: b/30963384.
+allow webview_zygote debugfs_trace_marker:file getattr;
+
 # Allow webview_zygote to manage the pgroup of its children.
 allow webview_zygote system_server:process getpgid;
 
-- 
GitLab