Merge "Allow incidentd to read LAST_KMSG only for userdebug builds" into pi-dev
am: 941cc9c8d2
Change-Id: I5fa2ede7234c3c2180ca89a547e15c8dac2d12b1
This commit is contained in:
commit
7312abeb37
3 changed files with 6 additions and 0 deletions
|
@ -83,6 +83,7 @@ full_treble_only(`
|
|||
-charger
|
||||
-dumpstate
|
||||
-healthd
|
||||
userdebug_or_eng(`-incidentd')
|
||||
-init
|
||||
-logd
|
||||
-logpersist
|
||||
|
|
|
@ -8,6 +8,7 @@ domain_auto_trans(incidentd, incident_helper_exec, incident_helper)
|
|||
# use pipe to transmit data from/to incidentd/incident_helper for parsing
|
||||
allow incident_helper { shell incident incidentd }:fd use;
|
||||
allow incident_helper { shell incident incidentd }:fifo_file { getattr read write };
|
||||
allow incident_helper incidentd:unix_stream_socket { read write };
|
||||
|
||||
# only allow incidentd and shell to call incident_helper
|
||||
neverallow { domain -incidentd -incident_helper -shell } incident_helper_exec:file { execute execute_no_trans };
|
||||
|
|
|
@ -38,6 +38,10 @@ allow incidentd domain:process getattr;
|
|||
allow incidentd sysfs_batteryinfo:dir { search };
|
||||
allow incidentd sysfs_batteryinfo:file r_file_perms;
|
||||
|
||||
# section id 2007, allow reading LAST_KMSG /sys/fs/pstore/console-ramoops
|
||||
userdebug_or_eng(`allow incidentd pstorefs:dir search');
|
||||
userdebug_or_eng(`allow incidentd pstorefs:file r_file_perms');
|
||||
|
||||
# Create and write into /data/misc/incidents
|
||||
allow incidentd incident_data_file:dir rw_dir_perms;
|
||||
allow incidentd incident_data_file:file create_file_perms;
|
||||
|
|
Loading…
Reference in a new issue