1# vold goes through /proc and opens each dir as O_RDONLY
2# to gather information about all PIDS.
3# It does not need access to /proc/irq which is labeled as
4# proc_irq on bullhead
5# See system/vold commit 66270a21df1058434e4d63691221f11ff5387a0f
6dontaudit vold proc_irq:dir { read open };
7
8get_prop(vold, qseecomtee_prop)
9
10# Allow vold to access zram
11allow vold swap_block_device:blk_file getattr;
12
13# read sys.listeners. sys.keymaster. properties
14get_prop(vold, qseecomtee_prop)
15