Merge "sepolicy: Allow system domains to be profiled" am: fb9d097d03
am: 139cce7cc7
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1966610 Change-Id: I21b38265ff3770c1921d83bc8152a2e02d97f743
This commit is contained in:
commit
170b791250
3 changed files with 14 additions and 0 deletions
|
@ -5,6 +5,11 @@ typeattribute gmscore_app coredomain;
|
|||
|
||||
app_domain(gmscore_app)
|
||||
|
||||
# TODO(b/217368496): remove this.
|
||||
perfetto_producer(gmscore_app)
|
||||
can_profile_heap(gmscore_app)
|
||||
can_profile_perf(gmscore_app)
|
||||
|
||||
allow gmscore_app sysfs_type:dir search;
|
||||
# Read access to /sys/class/net/wlan*/address
|
||||
r_dir_file(gmscore_app, sysfs_net)
|
||||
|
|
|
@ -109,6 +109,10 @@ dontaudit platform_app debugfs_tracing:file rw_file_perms;
|
|||
# Allow platform apps to act as Perfetto producers.
|
||||
perfetto_producer(platform_app)
|
||||
|
||||
# TODO(b/217368496): remove this.
|
||||
can_profile_heap(platform_app)
|
||||
can_profile_perf(platform_app)
|
||||
|
||||
# Allow platform apps to create VMs
|
||||
virtualizationservice_use(platform_app)
|
||||
|
||||
|
|
|
@ -14,6 +14,11 @@ tmpfs_domain(system_server)
|
|||
|
||||
userfaultfd_use(system_server)
|
||||
|
||||
# TODO(b/217368496): remove this.
|
||||
perfetto_producer(system_server)
|
||||
can_profile_heap(system_server)
|
||||
can_profile_perf(system_server)
|
||||
|
||||
# Create a socket for connections from crash_dump.
|
||||
type_transition system_server system_data_file:sock_file system_ndebug_socket "ndebugsocket";
|
||||
|
||||
|
|
Loading…
Reference in a new issue