From f5ea6145e7c22de9091e93fda77443b5adede72e Mon Sep 17 00:00:00 2001
From: Jeff Vander Stoep <jeffv@google.com>
Date: Fri, 20 Oct 2017 12:38:17 -0700
Subject: [PATCH] Shell: grant permission to run lsmod

lsmod needs access to /proc/modules

Test: build, run lsmod
Change-Id: Icb6ea6ce791cc6a22c89aa8e90c44749497c8468
---
 public/shell.te | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/public/shell.te b/public/shell.te
index fb650bf92..44d812130 100644
--- a/public/shell.te
+++ b/public/shell.te
@@ -106,12 +106,13 @@ allow shell dumpstate:binder call;
 hwbinder_use(shell)
 allow shell hwservicemanager:hwservice_manager list;
 
-# allow shell to look through /proc/ for ps, top, netstat
+# allow shell to look through /proc/ for lsmod, ps, top, netstat.
 r_dir_file(shell, proc)
 r_dir_file(shell, proc_net)
 allow shell proc_filesystems:file r_file_perms;
 allow shell proc_interrupts:file r_file_perms;
 allow shell proc_meminfo:file r_file_perms;
+allow shell proc_modules:file r_file_perms;
 allow shell proc_stat:file r_file_perms;
 allow shell proc_timer:file r_file_perms;
 allow shell proc_zoneinfo:file r_file_perms;
-- 
GitLab