Gitiles
Code Review Sign In
LeafOS / LeafOS-Project / android_frameworks_base / b1a06182548d11427d08f21077b70c588c8c0633
commitb1a06182548d11427d08f21077b70c588c8c0633[log] [tgz]
authorDavid Dai <davidai@google.com>Thu Feb 01 13:46:12 2024 -0800
committerDavid Dai <davidai@google.com>Tue Feb 06 17:25:36 2024 +0000
treeaf181bd1e49630e784e04854eae7a43419b2cc44
parent5fbc86ca8c4f085692a6341a53b1b68924cf0498 [diff]
Permit CAP_SYS_NICE for virtualmachine groups

Grant CAP_SYS_NICE to CapInh/CapPrm/CapBnd for processes that can spawn
VMs.  This enables processes to execve on binaries with elevated
capabilities if its file capability bits are set. This does not grant
capability to the parent process(that spawns the VM) as the effective
bits are not set.

This allows for VMs to be able to tune for better performance.

Bug: 322197421
Test: Booted device and processes and checked that the correct
capabilities are given.

Change-Id: I9ba974495383494d24a564c66249c78176eebca9
Signed-off-by: David Dai <davidai@google.com>
1 file changed
tree: af181bd1e49630e784e04854eae7a43419b2cc44
  1. .prebuilt_info/
  2. apct-tests/
  3. apex/
  4. api/
  5. boot/
  6. cmds/
  7. config/
  8. core/
  9. data/
  10. docs/
  11. drm/
  12. errorprone/
  13. graphics/
  14. identity/
  15. keystore/
  16. libs/
  17. location/
  18. media/
  19. mime/
  20. mms/
  21. native/
  22. nfc/
  23. nfc-extras/
  24. obex/
  25. omapi/
  26. opengl/
  27. packages/
  28. proto/
  29. ravenwood/
  30. rs/
  31. samples/
  32. sax/
  33. services/
  34. startop/
  35. telecomm/
  36. telephony/
  37. test-base/
  38. test-legacy/
  39. test-mock/
  40. test-runner/
  41. tests/
  42. tools/
  43. wifi/
  44. .clang-format
  45. .gitignore
  46. .mailmap
  47. AconfigFlags.bp
  48. ADPF_OWNERS
  49. Android.bp
  50. Android.mk
  51. BAL_OWNERS
  52. BATTERY_STATS_OWNERS
  53. BROADCASTS_OWNERS
  54. CleanSpec.mk
  55. framework-jarjar-rules.txt
  56. GAME_MANAGER_OWNERS
  57. INPUT_OWNERS
  58. INTENT_OWNERS
  59. ktfmt_includes.txt
  60. lint-baseline.xml
  61. MEMORY_OWNERS
  62. METADATA
  63. MODULE_LICENSE_APACHE2
  64. MULTIUSER_OWNERS
  65. NOTICE
  66. OWNERS
  67. OWNERS.md
  68. PACKAGE_MANAGER_OWNERS
  69. pathmap.mk
  70. PERFORMANCE_OWNERS
  71. PREUPLOAD.cfg
  72. ProtoLibraries.bp
  73. Ravenwood.bp
  74. SECURITY_STATE_OWNERS
  75. SQLITE_OWNERS
  76. TEST_MAPPING
  77. TestProtoLibraries.bp
  78. THERMAL_OWNERS
  79. TRACE_OWNERS
  80. WEAR_OWNERS
  81. ZYGOTE_OWNERS