Add gid=3009,hidepid=2 options to the /proc mount. This change is to allow the following CTS test to pass: CtsOsTestCases android.os.cts.EnvironmentTest#testHidePid2 Bug: b/120611589 Test: Assured the emulator would boot. Checked kernel logs for problems. Did adb shell and checked /proc/mounts for correctness. Ran CTS test to assert that it passes. Change-Id: I936a22a30a65499832279021c3aeb89268612df9

commit: f9845eeea8d22c44343a18506d3f0df111072069 [log] [tgz]
author: Matt Wachowski <mattwach@google.com> Mon Dec 17 13:18:02 2018 -0800
committer: Matt Wachowski <mattwach@google.com> Mon Dec 17 13:18:02 2018 -0800
tree: c5fd4633f990e9317a556056268c46bf2bf5ef45
parent: 2149bed3f97d70a66e1d31bc764ba393ce7e97c4 [diff]
diff --git a/init.ranchu.rc b/init.ranchu.rc
index 0c11d9b..b318b0d 100644
--- a/init.ranchu.rc
+++ b/init.ranchu.rc

@@ -3,6 +3,7 @@
 
 on early-init
     mount debugfs debugfs /sys/kernel/debug mode=755
+    mount proc proc /proc remount hidepid=2,gid=3009
 
 on init
 

diff --git a/sepolicy/common/init.te b/sepolicy/common/init.te
index 84a4e8d..9c01f79 100644
--- a/sepolicy/common/init.te
+++ b/sepolicy/common/init.te

@@ -1,2 +1,3 @@
 allow init tmpfs:lnk_file create_file_perms;
+allow init proc:dir { mounton };
 dontaudit init kernel:system module_request;
commit	f9845eeea8d22c44343a18506d3f0df111072069	[log] [tgz]
author	Matt Wachowski <mattwach@google.com>	Mon Dec 17 13:18:02 2018 -0800
committer	Matt Wachowski <mattwach@google.com>	Mon Dec 17 13:18:02 2018 -0800
tree	c5fd4633f990e9317a556056268c46bf2bf5ef45
parent	2149bed3f97d70a66e1d31bc764ba393ce7e97c4 [diff]