wahoo: explicit app access to cgroup The set of vendor apps touching cgroup is from go/sedenials. Bug: 110043362 Test: boot aosp_walleye without cgroup denials/audit messages. Change-Id: I5493fe272eab845949e20ea4d0ab0e59b07ff645

commit: 6ce4a8b3b5386bb568c8191f6b93250f781fc8be [log] [tgz]
author: Tri Vo <trong@google.com> Sat Oct 13 17:23:27 2018 -0700
committer: Tri Vo <trong@google.com> Sat Oct 13 17:23:29 2018 -0700
tree: f8222d2dfb9f80f861d34af6f539466882d36ab0
parent: 44e354d3a14c92e6fa493152f73f1b2dbff90aa8 [diff]
diff --git a/sepolicy/vendor/dataservice_app.te b/sepolicy/vendor/dataservice_app.te
index 1cb94e3..57ad3e9 100644
--- a/sepolicy/vendor/dataservice_app.te
+++ b/sepolicy/vendor/dataservice_app.te

@@ -6,3 +6,5 @@
 
 # imsrcsd to bind with UceShimService.apk
 binder_call(dataservice_app, hal_rcsservice)
+
+allow dataservice_app cgroup:file w_file_perms;

diff --git a/sepolicy/vendor/qtelephony.te b/sepolicy/vendor/qtelephony.te
index 0788cdf..d01178a 100644
--- a/sepolicy/vendor/qtelephony.te
+++ b/sepolicy/vendor/qtelephony.te

@@ -13,3 +13,5 @@
 allow qtelephony system_app_data_file:{ file lnk_file } create_file_perms;
 
 set_prop(qtelephony, atfwd_start_prop)
+
+allow qtelephony cgroup:file w_file_perms;

diff --git a/sepolicy/vendor/ssr_detector.te b/sepolicy/vendor/ssr_detector.te
index a5ffd3b..0fd4cc7 100644
--- a/sepolicy/vendor/ssr_detector.te
+++ b/sepolicy/vendor/ssr_detector.te

@@ -19,3 +19,5 @@
 allow ssr_detector_app sysfs:lnk_file r_file_perms;
 
 r_dir_file(ssr_detector_app, sysfs_msm_subsys)
+
+allow ssr_detector_app cgroup:file w_file_perms;
commit	6ce4a8b3b5386bb568c8191f6b93250f781fc8be	[log] [tgz]
author	Tri Vo <trong@google.com>	Sat Oct 13 17:23:27 2018 -0700
committer	Tri Vo <trong@google.com>	Sat Oct 13 17:23:29 2018 -0700
tree	f8222d2dfb9f80f861d34af6f539466882d36ab0
parent	44e354d3a14c92e6fa493152f73f1b2dbff90aa8 [diff]