platform_system_sepolicy/private/dumpstate.te

# type_transition must be private policy the domain_trans rules could stay
# public, but conceptually should go with this
init_daemon_domain(dumpstate)

# Execute and transition to the vdc domain
domain_auto_trans(dumpstate, vdc_exec, vdc)

# TODO: deal with tmpfs_domain pub/priv split properly
allow dumpstate dumpstate_tmpfs:file execute;

# systrace support - allow atrace to run
allow dumpstate debugfs_tracing:dir r_dir_perms;
allow dumpstate debugfs_tracing:file rw_file_perms;
allow dumpstate debugfs_trace_marker:file getattr;
allow dumpstate atrace_exec:file rx_file_perms;
allow dumpstate storaged_exec:file rx_file_perms;

# Allow dumpstate to make binder calls to storaged service
binder_call(dumpstate, storaged)
Split general policy into public and private components. Divide policy into public and private components. This is the first step in splitting the policy creation for platform and non-platform policies. The policy in the public directory will be exported for use in non-platform policy creation. Backwards compatibility with it will be achieved by converting the exported policy into attribute-based policy when included as part of the non-platform policy and a mapping file will be maintained to be included with the platform policy that maps exported attributes of previous versions to the current platform version. Eventually we would like to create a clear interface between the platform and non-platform device components so that the exported policy, and the need for attributes is minimal. For now, almost all types and avrules are left in public. Test: Tested by building policy and running on device. Change-Id: Idef796c9ec169259787c3f9d8f423edf4ce27f8c 2016-07-22 22:13:11 +02:00			`# type_transition must be private policy the domain_trans rules could stay`
			`# public, but conceptually should go with this`
			`init_daemon_domain(dumpstate)`

			`# Execute and transition to the vdc domain`
			`domain_auto_trans(dumpstate, vdc_exec, vdc)`
sepolicy: add version_policy tool and version non-platform policy. In order to support platform changes without simultaneous updates from non-platform components, the platform and non-platform policies must be split. In order to provide a guarantee that policy written for non-platform objects continues to provide the same access, all types exposed to non-platform policy are versioned by converting them and the policy using them into attributes. This change performs that split, the subsequent versioning and also generates a mapping file to glue the different policy components together. Test: Device boots and runs. Bug: 31369363 Change-Id: Ibfd3eb077bd9b8e2ff3b2e6a0ca87e44d78b1317 2016-10-12 23:58:09 +02:00
			`# TODO: deal with tmpfs_domain pub/priv split properly`
			`allow dumpstate dumpstate_tmpfs:file execute;`

			`# systrace support - allow atrace to run`
			`allow dumpstate debugfs_tracing:dir r_dir_perms;`
			`allow dumpstate debugfs_tracing:file rw_file_perms;`
			`allow dumpstate debugfs_trace_marker:file getattr;`
			`allow dumpstate atrace_exec:file rx_file_perms;`
Storaged permissions for task I/O Allow storaged to read /proc/[pid]/io Grant binder access to storaged Add storaged service Grant storaged_exec access to dumpstate Grant storaged binder_call to dumpstate Bug: 32221677 Change-Id: Iecc9dba266c5566817a99ac6251eb943a0bac630 2016-07-01 21:18:54 +02:00			`allow dumpstate storaged_exec:file rx_file_perms;`

			`# Allow dumpstate to make binder calls to storaged service`
			`binder_call(dumpstate, storaged)`