From d26e47b96b1e5f114af843fb329e9257d264c2db Mon Sep 17 00:00:00 2001
From: =?utf8?q?=D0=90=D0=B7=D0=B0=D0=BB=D0=B8=D1=8F=20=D0=A1=D0=BC=D0=B0?=
 =?utf8?q?=D1=80=D0=B0=D0=B3=D0=B4=D0=BE=D0=B2=D0=B0?=
 <charming.flurry@yandex.ru>
Date: Fri, 4 Nov 2022 16:33:28 +0500
Subject: [PATCH] Policies have been adjusted for Android 11.

---
 data/configs/android_app  | 8 +++++++-
 data/configs/lxc-waydroid | 5 +++--
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/data/configs/android_app b/data/configs/android_app
index 7adc67e..be8fa4b 100644
--- a/data/configs/android_app
+++ b/data/configs/android_app
@@ -1,6 +1,6 @@
 #include <tunables/global>
 
-profile android_app flags=(mediate_deleted,attach_disconnected,complain) {
+profile android_app flags=(attach_disconnected, complain, mediate_deleted) {
   #include <abstractions/base>
   /** ix,
   /dev** rw,
@@ -26,8 +26,11 @@ profile android_app flags=(mediate_deleted,attach_disconnected,complain) {
   capability net_bind_service,
   capability kill,
   capability dac_override,
+  capability chown,
   mount fstype=tmpfs -> /storage**,
+  mount fstype=tmpfs -> /data/misc/profiles**,
   mount options in (rw,bind) options in (rw,rbind) -> /storage**,
+  mount options in (rw,bind) options in (rw,rbind) -> /data/misc/profiles**,
   mount /dev/fuse -> /storage**,
   mount -> /,
   umount /storage**,
@@ -42,8 +45,11 @@ profile android_app flags=(mediate_deleted,attach_disconnected,complain) {
   signal (receive),
 
   /acct** rwkl,
+  /linkerconfig** r,
   owner /data** rwkl,
   /data/app** r,
+  /data/system/unsolzygotesocket rw,
+  /data/dalvik-cache** r,
   /data/misc** r,
   /data/lineageos_updates** r,
   /apex** mr,
diff --git a/data/configs/lxc-waydroid b/data/configs/lxc-waydroid
index b82d318..4dad205 100644
--- a/data/configs/lxc-waydroid
+++ b/data/configs/lxc-waydroid
@@ -1,6 +1,6 @@
 #include <tunables/global>
 
-profile lxc-waydroid flags=(mediate_deleted,attach_disconnected,complain) {
+profile lxc-waydroid flags=(attach_disconnected, complain, mediate_deleted) {
   #include <abstractions/base>
   /** ix,
   /system/bin/app_process Pix -> lxc-waydroid//&android_app,
@@ -24,8 +24,9 @@ profile lxc-waydroid flags=(mediate_deleted,attach_disconnected,complain) {
   /var** rw,
   /run** rw,
   /mnt** rw,
-  /apex** rw,
+  /apex** rwk,
   /sbin** rw,
+  /linkerconfig** rwk,
   /system** k,
   mount,
   umount,
-- 
2.47.3