From 5eca2dfb243f41f9e8e8049ceba118ddd36c94c8 Mon Sep 17 00:00:00 2001
From: Wang Han <416810799@qq.com>
Date: Thu, 11 Jun 2026 15:48:27 +0800
Subject: [PATCH] Update zygisk sepolicy for A17 QPR1 Beta 4

Mainline kernel starts to use dedicated memfd_file type for memfd,
which makes zygote cannot open memfd created by magiskd.
---
 native/src/sepolicy/rules.rs | 1 +
 1 file changed, 1 insertion(+)

diff --git a/native/src/sepolicy/rules.rs b/native/src/sepolicy/rules.rs
index 5bb6daf32..4f433bab3 100644
--- a/native/src/sepolicy/rules.rs
+++ b/native/src/sepolicy/rules.rs
@@ -127,6 +127,7 @@ impl SePolicy {
 
             // Zygisk rules
             allow(["zygote"], ["zygote"], ["process"], ["execmem"]);
+            allow(["domain"], [proc], ["memfd_file"], ["getattr", "read", "write", "map", "execute"]);
             allow(["zygote"], ["fs_type"], ["filesystem"], ["unmount"]);
             allow(["system_server"], ["system_server"], ["process"], ["execmem"]);