From de5d6b4a7c36b36fd58ee72cc6b4ad6c95052a99 Mon Sep 17 00:00:00 2001
From: liyaoli <liyaoli@allwinnertech.com>
Date: Mon, 18 Oct 2021 17:35:13 +0800
Subject: [PATCH] Allow zygote to setattr cgroup

Bug: 203385941
Test: config ro.config.per_app_memcg=true && turn on the screen && leave it for 11 minutes

Change-Id: I7eac9c39f2ed0d9761852dbe2a26d54c27b72237
---
 prebuilts/api/31.0/private/zygote.te | 2 +-
 private/zygote.te                    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/prebuilts/api/31.0/private/zygote.te b/prebuilts/api/31.0/private/zygote.te
index 090e12142..743647ec7 100644
--- a/prebuilts/api/31.0/private/zygote.te
+++ b/prebuilts/api/31.0/private/zygote.te
@@ -112,7 +112,7 @@ r_dir_file(zygote, vendor_overlay_file)
 
 # Control cgroups.
 allow zygote cgroup:dir create_dir_perms;
-allow zygote cgroup:{ file lnk_file } r_file_perms;
+allow zygote cgroup:{ file lnk_file } { r_file_perms setattr };
 allow zygote cgroup_v2:dir create_dir_perms;
 allow zygote cgroup_v2:{ file lnk_file } { r_file_perms setattr };
 allow zygote self:global_capability_class_set sys_admin;
diff --git a/private/zygote.te b/private/zygote.te
index f2af50697..8fd31e2bd 100644
--- a/private/zygote.te
+++ b/private/zygote.te
@@ -112,7 +112,7 @@ r_dir_file(zygote, vendor_overlay_file)
 
 # Control cgroups.
 allow zygote cgroup:dir create_dir_perms;
-allow zygote cgroup:{ file lnk_file } r_file_perms;
+allow zygote cgroup:{ file lnk_file } { r_file_perms setattr };
 allow zygote cgroup_v2:dir create_dir_perms;
 allow zygote cgroup_v2:{ file lnk_file } { r_file_perms setattr };
 allow zygote self:global_capability_class_set sys_admin;