From a0748a75f41eeffc7959ec2646127ff0b7c73282 Mon Sep 17 00:00:00 2001
From: Tri Vo <trong@google.com>
Date: Wed, 20 Sep 2017 16:29:23 -0700
Subject: [PATCH] Restrict lmkd read access from sysfs_type to
 sysfs_lowmemorykiller.

Bug: 65643247
Test: device boots without denials from lmkd
Change-Id: I6db8b52a4fb3edefbcbc87d6ca5f1b76162e9dce
---
 public/lmkd.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/public/lmkd.te b/public/lmkd.te
index 208720ca6..0ff951814 100644
--- a/public/lmkd.te
+++ b/public/lmkd.te
@@ -18,7 +18,7 @@ r_dir_file(lmkd, system_server)
 allow lmkd system_server:file write;
 
 ## Writes to /sys/module/lowmemorykiller/parameters/minfree
-r_dir_file(lmkd, sysfs_type)
+r_dir_file(lmkd, sysfs_lowmemorykiller)
 allow lmkd sysfs_lowmemorykiller:file w_file_perms;
 
 # Send kill signals
-- 
GitLab