Open CPU-Z on a modern Android device and you will likely see a flat-zero CPU usage graph. Launch AIDA64's sensor screen and the per-core load chart stays empty. The reason: Android 8.0 introduced an SELinux policy that blocks regular apps from reading /proc/stat — the kernel file holding live CPU usage data. No Proc Stat Restriction by Young-Lord reverses that restriction with a single SELinux policy rule, restoring full CPU usage visibility for every system monitoring tool, performance overlay, and benchmark utility on your rooted device. The entire module weighs just 2.21 KB.
What Gets Restored
A one-line SELinux policy fix that unblocks every monitoring tool that reads /proc/stat for live CPU statistics — applied automatically on every boot.
Full CPU Usage Visibility
System monitor apps regain access to raw per-core CPU usage, idle time, system time, and I/O wait counters. Real-time CPU load graphs work correctly — no more flat-zero readings or "permission denied" errors in CPU-Z, AIDA64, and Device Info HW.
Accurate Battery & Idle Analysis
AccuBattery's advanced per-core monitoring, Naptime's aggressive doze analysis, and Greenify's app behavior profiling all depend on reading /proc/stat idle and active counters to detect when the system is genuinely sleeping versus being kept awake.
Gaming Performance Overlays
Performance overlays such as Moto Gametime, MSI Afterburner-style mods, and custom in-game FPS counters that show CPU usage alongside framerate and temperature can finally display live CPU load again — essential for tuning gaming performance and detecting thermal throttling.
Live SELinux Policy Patch
Uses magiskpolicy --live to inject one allow rule into the running SELinux policy at boot — no system partition modification, no recompiled policy binary. The change is RAM-only and is re-applied fresh on each reboot via the module's service script.
Ultralight — Just 2.21 KB
The entire module is a single shell script — no APK, no compiled binary, no system file overlay. Zero performance overhead at runtime: the script executes once at boot to patch the live SELinux policy and then exits immediately.
Persistent Across Reboots
Because Android reloads its compiled SELinux policy on every boot, a one-time manual patch would be wiped at restart. The module re-applies the rule automatically at every boot via Magisk's service execution framework — no user intervention required after installation.
Why Was /proc/stat Blocked in Android 8.0?
/proc/stat is a Linux kernel virtual file that exposes global and per-CPU usage counters — total time spent in user mode, system mode, idle, and I/O wait for every CPU core since boot. On standard Linux distributions this file is readable by all users; this is what enables top, htop, and system monitor widgets to display live CPU load.
Starting with Android 8.0 (API 26), Google updated the SELinux policy to deny proc_stat read access for the untrusted_app domain — the SELinux domain assigned to all regular (non-system, non-privileged) Android applications. The rationale was side-channel privacy hardening: by closely monitoring CPU usage patterns over time, a malicious app could potentially fingerprint user activity (typing rhythm via the IME process, or which app is currently in the foreground from its distinct CPU signature).
While the security rationale is reasonable, the blanket block also breaks every legitimate CPU monitor on Android — including CPU-Z, AIDA64, Device Info HW, AccuBattery, and any custom performance overlay. This module restores the pre-Android 8.0 behavior by adding a single SELinux allow rule using magiskpolicy, granting proc_stat read access back to untrusted_app, untrusted_app_25, and untrusted_app_27 (the different app domain variants across Android versions).
The Complete Module — One Rule
The entire functional part of this module is a single service.sh that runs at boot and applies one SELinux policy rule:
untrusted_app*proc_stat/proc/stat and related kernel CPU statistics files in the proc filesystem.open read getattrstat().Apps That Benefit Most
/proc/stat.psutil in Termux fail with PermissionError without this module — fixed by the policy patch.Frequently Asked Questions
/proc/stat. This file contains real-time CPU usage statistics. Without access, system monitoring tools, performance overlays, and benchmark utilities cannot report accurate CPU usage data.
/proc/stat for non-privileged apps as a privacy and security hardening measure. The restriction prevents apps from using CPU timing data to infer what other apps are running — a technique sometimes used for side-channel attacks or activity fingerprinting. However, this also breaks legitimate tools like CPU-Z, System Monitor apps, and gaming performance overlays.
/proc/stat for apps running on your device. It does not open any network ports, modify app permissions, or expose data outside the device. The risk is limited to apps on your own device being able to read CPU timing data — a trade-off that is entirely acceptable for a rooted device where the user is already in full control.
/proc/stat restriction. It has been reported working on Android 8.0 through Android 13. Behavior on Android 14 and above may vary depending on whether your ROM enforces additional restrictions at the kernel or SELinux policy level beyond what the module patches.
magiskpolicy --live "allow { untrusted_app untrusted_app_25 untrusted_app_27 } proc_stat file { open read getattr }". This applies the rule until the next reboot, after which it must be re-run manually.