From 3463bd0b789267cf23afdcd64ddb99ef2366ca7a Mon Sep 17 00:00:00 2001
From: Diogo Ferreira <diogo@underdev.org>
Date: Mon, 23 Nov 2015 14:31:49 +0000
Subject: [PATCH] init: Remove world-writable permissions in BFQ hierarchy

Fixes android.permission.cts.FileSystemPermissionTest#testAllFilesInSysAreNotWritable

Change-Id: Ia71a4ae246148ab8ea5333f8dbd39bfc330d2605
---
 prebuilt/common/etc/init.local.rc | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/prebuilt/common/etc/init.local.rc b/prebuilt/common/etc/init.local.rc
index 83a5cb1d..3868785f 100644
--- a/prebuilt/common/etc/init.local.rc
+++ b/prebuilt/common/etc/init.local.rc
@@ -10,7 +10,8 @@ on init
     mkdir /sys/fs/cgroup/bfqio 0755 root system
     mount cgroup none /sys/fs/cgroup/bfqio bfqio
     chown root system /sys/fs/cgroup/bfqio/tasks
-    chmod 0666 /sys/fs/cgroup/bfqio/tasks
+    chmod 0664 /sys/fs/cgroup/bfqio/tasks
+    chmod 0220 /sys/fs/cgroup/bfqio/cgroup.event_control
 
     # Soft realtime class for display service
     mkdir /sys/fs/cgroup/bfqio/rt-display 0755 root system
@@ -18,6 +19,7 @@ on init
     write /sys/fs/cgroup/bfqio/rt-display/bfqio.ioprio 7
     chown system system /sys/fs/cgroup/bfqio/rt-display/tasks
     chmod 0664 /sys/fs/cgroup/bfqio/rt-display/tasks
+    chmod 0220 /sys/fs/cgroup/bfqio/rt-display/cgroup.event_control
 
 on post-fs-data
     mkdir /data/.ssh 0750 root shell