# vold goes through /proc and opens each dir as O_RDONLY | |
# to gather information about all PIDS. | |
# It does not need access to /proc/irq which is labeled as | |
# proc_irq on bullhead | |
# See system/vold commit 66270a21df1058434e4d63691221f11ff5387a0f | |
dontaudit vold proc_irq:dir { read open }; | |
get_prop(vold, qseecomtee_prop) | |
# Allow vold to access zram | |
allow vold swap_block_device:blk_file getattr; | |
# read sys.listeners. sys.keymaster. properties | |
get_prop(vold, qseecomtee_prop) |