sepolicy/hal_memtrack.te - device/linaro/hikey960 - Gitiles

 type debugfs_kgsl, debugfs_type, fs_type;

 allow domain debugfs_kgsl:dir search;

 allow hal_memtrack debugfs_kgsl:dir search;
 allow hal_memtrack debugfs_kgsl:file { open read getattr };

 # Memtrack reads proc/<pid>/cmdline to check if process is surfaceflinger.
 # Grant access if that's the case; don't log denials for other processes.
 allow hal_memtrack surfaceflinger:file read;
 dontaudit hal_memtrack { domain -surfaceflinger}:file read;
	type debugfs_kgsl, debugfs_type, fs_type;

	allow domain debugfs_kgsl:dir search;

	allow hal_memtrack debugfs_kgsl:dir search;
	allow hal_memtrack debugfs_kgsl:file { open read getattr };

	# Memtrack reads proc/<pid>/cmdline to check if process is surfaceflinger.
	# Grant access if that's the case; don't log denials for other processes.
	allow hal_memtrack surfaceflinger:file read;
	dontaudit hal_memtrack { domain -surfaceflinger}:file read;