Add policy for memlat governor needs create/delete perf events
[ 31.756984] type=1400 audit(1620144320.436:11): avc: denied { perfmon } for comm="cpuhp/4" capability=38 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability2 permissive=0
[ 31.757246] type=1400 audit(1620144320.436:12): avc: denied { sys_admin } for comm="cpuhp/4" capability=21 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability permissive=0
[ 31.757352] type=1400 audit(1620144320.436:13): avc: denied { perfmon } for comm="cpuhp/4" capability=38 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability2 permissive=0
[ 31.757450] type=1400 audit(1620144320.436:14): avc: denied { sys_admin } for comm="cpuhp/4" capability=21 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability permissive=0
...
...
[ 215.584932] type=1400 audit(1620634018.936:191): avc: denied { cpu } for comm="cpuhp/4" scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=perf_event permissive=0
Bug: 187437491
Bug: 170479743
Test: build, boot and suspend/resume test 200 times.
Change-Id: I4fd3d3fb915ca518ffa226f25298c94faaf867f1
This commit is contained in:
Kyle Lin
parent
48e3555770
commit
1124aeaf32
1 changed files with 4 additions and 0 deletions
4
whitechapel/vendor/google/kernel.te
vendored
4
whitechapel/vendor/google/kernel.te
vendored
|
|
@ -3,3 +3,7 @@ allow kernel vendor_fw_file:file r_file_perms;
|
|||
|
||||
# ZRam
|
||||
allow kernel per_boot_file:file r_file_perms;
|
||||
|
||||
# memlat needs permision to create/delete perf events when hotplug on/off
|
||||
allow kernel self:capability2 perfmon;
|
||||
allow kernel self:perf_event cpu;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue