1# vold goes through /proc and opens each dir as O_RDONLY 2# to gather information about all PIDS. 3# It does not need access to /proc/irq which is labeled as 4# proc_irq on bullhead 5# See system/vold commit 66270a21df1058434e4d63691221f11ff5387a0f 6dontaudit vold proc_irq:dir { read open }; 7 8# Allow vold to access zram 9allow vold swap_block_device:blk_file getattr; 10