platform_system_sepolicy/private/statsd.te

38 lines
1.3 KiB
Text
Raw Normal View History

typeattribute statsd coredomain;
init_daemon_domain(statsd)
# Allow to exec the perfetto cmdline client and pass it the trace config on
# stdint through a pipe. It allows statsd to capture traces and hand them
# to Android dropbox.
allow statsd perfetto_exec:file rx_file_perms;
domain_auto_trans(statsd, perfetto_exec, perfetto)
# Grant statsd with permissions to register the services.
allow statsd {
statscompanion_service
}:service_manager find;
# Allow incidentd to obtain the statsd incident section.
allow statsd incidentd:fifo_file write;
# Allow StatsCompanionService to pipe data to statsd.
allow statsd system_server:fifo_file { read write getattr };
# Allow Statsd to pipe data to privileged apps.
allow statsd priv_app:fifo_file { read write getattr };
# Allow statsd to retrieve SF statistics over binder
binder_call(statsd, surfaceflinger);
# Allow statsd to read its system properties
get_prop(statsd, device_config_statsd_native_prop)
get_prop(statsd, device_config_statsd_native_boot_prop)
# Allow statsd to write uprobestats configs.
allow statsd uprobestats_configs_data_file:dir rw_dir_perms;
allow statsd uprobestats_configs_data_file:file create_file_perms;
# Allow statsd to trigger uprobestats via property.
set_prop(statsd, uprobestats_start_with_config_prop);