Merge "sepolicy: Allow creating synthetic trace events" am: 9e6dcd74fc am: 5c3c020bbf am: 4862013e38 am: 466cb7f796

Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1881642

Change-Id: I53d865fa9faa6ada449d6c4529e80f4d702413b2
This commit is contained in:
Kalesh Singh 2021-11-09 15:50:24 +00:00 committed by Automerger Merge Worker
commit 01b5b44d67
2 changed files with 11 additions and 0 deletions

View file

@ -229,6 +229,12 @@ genfscon tracefs /events/ext4/ext4_sync_file_exit/ u:object_r:debugfs_
genfscon tracefs /events/block/block_rq_issue/ u:object_r:debugfs_tracing:s0
genfscon tracefs /events/block/block_rq_complete/ u:object_r:debugfs_tracing:s0
genfscon tracefs /synthetic_events u:object_r:debugfs_tracing:s0
genfscon tracefs /events/synthetic/rss_stat_throttled u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/synthetic_events u:object_r:debugfs_tracing:s0
genfscon debugfs /tracing/events/synthetic/rss_stat_throttled u:object_r:debugfs_tracing:s0
genfscon tracefs /trace_clock u:object_r:debugfs_tracing:s0
genfscon tracefs /buffer_size_kb u:object_r:debugfs_tracing:s0
genfscon tracefs /options/overwrite u:object_r:debugfs_tracing:s0

View file

@ -106,6 +106,11 @@ neverallow { domain -init } keystore_listen_prop:property_service set;
# Allow accessing /sys/kernel/tracing/instances/bootreceiver to set up tracing.
allow init debugfs_bootreceiver_tracing:file w_file_perms;
# Devices with kernels where CONFIG_HIST_TRIGGERS isn't enabled will
# attempt to write a non exisiting 'synthetic_events' file, when setting
# up synthetic events. This is a no-op in tracefs.
dontaudit init debugfs_tracing_debug:dir { write add_name };
# chown/chmod on devices.
allow init {
dev_type